CVE-2025-49144

EPSS 0.42%
Veröffentlicht 23.06.2025 19:01:16
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Notepad++ Privilege Escalation in Installer via Uncontrolled Executable Search Path

Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder - which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 3 Referenzen 10

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstellernotepad-plus-plus

≫

Produkt notepad-plus-plus

Version < 8.8.2

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.42%	0.333

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	7.3	1.3	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-272 Least Privilege Violation

The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

CWE-427 Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-9vx8-v79m-6m24

https://github.com/notepad-plus-plus/notepad-plus-plus/commit/f2346ea00d5b4d907ed39d8726b38d77c8198f30

https://drive.google.com/drive/folders/11yeUSWgqHvt4Bz5jO3ilRRfcpQZ6Gvpn

https://www.vicarius.io/vsociety/posts/cve-2025-49144-detect-notepad-vulnerability

https://www.vicarius.io/vsociety/posts/cve-2025-49144-mitigate-notepad-vulnerability

https://www.vicarius.io/vsociety/posts/cve-2025-49144-detect-notepad-vulnerability-1

https://www.vicarius.io/vsociety/posts/cve-2025-49144-mitigate-notepad-vulnerability-1

https://nvd.nist.gov/vuln/detail/CVE-2025-49144

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-49144

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-49144

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-49144