7.8
CVE-2025-5494
- EPSS 0.25%
- Veröffentlicht 25.09.2025 14:15:46
- Zuletzt bearbeitet 22.10.2025 19:42:49
- Quelle 0fc0942c-577d-436f-ae8e-945763
- CVE-Watchlists
- Unerledigt
Privilege Escalation
ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zohocorp ≫ Manageengine Endpoint Central Version < 11.4.2500.26
Zohocorp ≫ Manageengine Endpoint Central Version >= 11.4.2508.01 < 11.4.2508.14
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.161 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 0fc0942c-577d-436f-ae8e-945763c79b02 | 3.9 | 1.3 | 2.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
https://www.manageengine.com/products/desktop-central/privilege-escalation-endpointcentral-agent.html