7.3
CVE-2025-26125
- EPSS 0.48%
- Veröffentlicht 17.03.2025 00:00:00
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files and escalate privileges.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.373 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.3 | 1.3 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-782 Exposed IOCTL with Insufficient Access Control
The product implements an IOCTL with functionality that should be restricted, but it does not properly enforce access control for the IOCTL.
https://github.com/ZeroMemoryEx/IObit-EoP
https://x.com/zeromemoryex/status/1876878269200449819
https://github.com/ZeroMemoryEx/CVE-2025-26125