Security Advisory

CVE-2025-6250

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-07-28 15:40:28

Last updated 2025-07-28 17:22:45

Assigner BT

State PUBLISHED

Description

Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.

← Browse all CVEs View on cve.org ↗