Security Advisory

CVE-2025-37735

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-06 14:27:26

Last updated 2026-02-26 17:47:10

Assigner elastic

State PUBLISHED

Description

Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.

← Browse all CVEs View on cve.org ↗