Security Advisory

CVE-2025-66265

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-26 01:12:50

Last updated 2025-11-26 15:31:02

Assigner Gridware

State PUBLISHED

Description

CMService.exe creates the C:usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files (such as snmp.conf) or hijack DLLs to escalate privileges.

← Browse all CVEs View on cve.org ↗