EUVD-2025-32535CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Lifecycle Timeline
4Description
In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.
Analysis
In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.
Technical Context
Privilege escalation allows a low-privileged user or process to gain elevated permissions beyond what was originally authorized. This vulnerability is classified as Uncontrolled Search Path Element (CWE-427).
Remediation
Apply the principle of least privilege. Keep systems patched. Monitor for suspicious privilege changes. Use mandatory access controls (SELinux, AppArmor).
Priority Score
Vendor Status
Ubuntu
Priority: Medium| Release | Status | Version |
|---|---|---|
| trusty | not-affected | - |
| xenial | not-affected | - |
| bionic | not-affected | - |
| focal | not-affected | - |
| jammy | not-affected | - |
| noble | DNE | - |
| plucky | not-affected | - |
| upstream | not-affected | debian: Only affects Zabbix Agent and Agent2 on Windows |
Debian
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | fixed | 1:5.0.8+dfsg-1 | - |
| bullseye (security) | fixed | 1:5.0.47+dfsg-0+deb11u1 | - |
| bookworm | fixed | 1:6.0.14+dfsg-1 | - |
| trixie | fixed | 1:7.0.10+dfsg-2 | - |
| forky, sid | fixed | 1:7.0.22+dfsg-1 | - |
| (unstable) | not-affected | - | - |
Share
External POC / Exploit Code
Leaving vuln.today