CVE-2025-15553

EUVD-2025-208693 | MEDIUM
2026-03-16 | NCSC-FI
CVSS 4.0 base score: 6.0

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Passive

Lifecycle Timeline

Analysis Generated: Mar 16, 2026 - 11:00 (vuln.today)
EUVD ID Assigned: Mar 16, 2026 - 11:00 (euvd), EUVD-2025-208693
CVE Published: Mar 16, 2026 - 10:45 (nvd), MEDIUM 6.0

Description

Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password.

Analysis

LAPSWebUI before version 2.4 contains a non-functional logout mechanism that allows an authenticated local attacker to obtain elevated privileges through disclosure of cached local administrator passwords. An attacker with existing workstation access and low privileges can exploit this flaw to escalate to local admin by recovering credentials that should have been cleared upon session termination. The vulnerability carries a CVSS v4.0 score of 6.0 (Medium): the attack vector is local and the attacker needs an existing low-privileged login (PR:L) plus passive user interaction (UI:P), but the confidentiality impact on the exposed credentials is rated high.

Technical Context

LAPSWebUI (Local Administrator Password Solution Web User Interface) by Truesec is a web-based management interface for LAPS credential distribution and rotation in Windows environments. The vulnerability stems from CWE-613 (Insufficient Session Expiration), a session management flaw where the logout endpoint fails to properly invalidate active sessions or clear sensitive data from application memory and browser caches. The affected CPE is cpe:2.3:a:truesec:lapswebui, with versions prior to 2.4 vulnerable. The root cause involves improper cleanup of sensitive password data stored in the UI context during session termination, allowing an attacker to access cached or residual credentials after the legitimate user departs.
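The CWE-613 pattern described above, shown as an added example that is constructed here and is not LAPSWebUI's code (the SessionStore class, its methods and the sample password are hypothetical): a logout that only expires the client cookie beside one that destroys the server-side session and its cached secret, plus a check a defender can run against either.

```python
import secrets

# Constructed minimal model of a web session store, used to illustrate CWE-613
# (Insufficient Session Expiration). Not LAPSWebUI's code; names are hypothetical.


class SessionStore:
    def __init__(self):
        self._sessions = {}  # token -> {"user": ..., "cached_secret": ...}

    def login(self, user, secret_from_backend):
        """Create a server-side session; the UI keeps the retrieved LAPS
        password in session state so it can be shown to the operator."""
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": user, "cached_secret": secret_from_backend}
        return token

    def lookup(self, token):
        """Return session data for a token, or None if no active session exists."""
        return self._sessions.get(token)

    def logout_broken(self, token):
        """Vulnerable pattern: only the client-side cookie is expired. The
        server-side session, and the password cached in it, stay alive."""
        return {"Set-Cookie": "session=; Max-Age=0"}  # server state untouched

    def logout_fixed(self, token):
        """Correct pattern: drop the server-side session and overwrite the
        cached secret so nothing sensitive survives session termination."""
        session = self._sessions.pop(token, None)
        if session is not None:
            session["cached_secret"] = None
        return {"Set-Cookie": "session=; Max-Age=0"}


def session_survives_logout(store, logout):
    """Defender's check: log in, log out, then present the old token again.
    True means the logout is insufficient (CWE-613): the token still
    resolves to a session that holds the cached password."""
    token = store.login("helpdesk", "Constructed-LocalAdmin-Pw!")  # sample only
    logout(token)
    return store.lookup(token) is not None


if __name__ == "__main__":
    broken, fixed = SessionStore(), SessionStore()
    print("broken logout leaks session:", session_survives_logout(broken, broken.logout_broken))
    print("fixed logout leaks session:", session_survives_logout(fixed, fixed.logout_fixed))
```

The same check translates directly to a real deployment: capture the session cookie, call the logout endpoint, then replay the old cookie against an authenticated page and confirm it is rejected.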

Affected Products

Truesec LAPSWebUI versions prior to 2.4 are affected, as confirmed by the vendor advisory and CPE designation cpe:2.3:a:truesec:lapswebui. Organizations running LAPSWebUI 2.3 and earlier should prioritize patching. Version 2.4 and later contain the corrective session logout implementation and should be deployed to all instances.

Remediation

Upgrade LAPSWebUI to version 2.4 or later immediately by obtaining the patched release from Truesec's official distribution channels and applying it across all deployed instances. Until patching can be completed, enforce strict physical and logical access controls to workstations running LAPSWebUI, mandate screen locks after brief idle periods (e.g., 5 minutes), and implement endpoint detection and response (EDR) monitoring for suspicious credential access patterns. Consider restricting LAPSWebUI access to a dedicated administrative workstation or bastion host with enhanced logging. Review the LAPS credential rotation frequency to minimize the exposure window should cached credentials be obtained.

Priority Score

30
KEV: 0
EPSS: +0.0
CVSS: +30
POC: 0
