How to fix CVE-2025-27582?

Within 24 hours: Inventory all systems running One Identity Password Manager versions before 5.14.4 and assess physical security controls around workstations. Within 7 days: Implement compensating controls including disabling the Password Self-Service Help function or restricting its access, and enable enhanced logging on affected systems. Within 30 days: Upgrade to One Identity Password Manager 5.14.4 or later once available, or consider alternative password management solutions if upgrades are not feasible.

Is Windows affected by CVE-2025-27582?

CVE-2025-27582 enables attackers with physical access to locked workstations to escalate privileges to SYSTEM level through the One Identity Password Manager interface, potentially compromising all organizational data and systems on affected devices.

CVE-2025-27582

EUVD-2025-21342 HIGH

2025-07-14 [email protected]

7.6

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 16, 2026 - 09:43 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 09:43 euvd

EUVD-2025-21342

CVE Published

Jul 14, 2025 - 13:15 nvd

HIGH 7.6

Description

The Secure Password extension in One Identity Password Manager before 5.14.4 allows local privilege escalation. The issue arises from a flawed security hardening mechanism within the kiosk browser used to display the Password Self-Service site to end users. Specifically, the application attempts to restrict privileged actions by overriding the native window.print() function. However, this protection can be bypassed by an attacker who accesses the Password Self-Service site from the lock screen and navigates to an attacker-controlled webpage via the Help function. By hosting a crafted web page with JavaScript, the attacker can restore and invoke the window.print() function, launching a SYSTEM-privileged print dialog. From this dialog, the attacker can exploit standard Windows functionality - such as the Print to PDF or Add Printer wizard - to spawn a command prompt with SYSTEM privileges. Successful exploitation allows a local attacker (with access to a locked workstation) to gain SYSTEM-level privileges, granting full control over the affected device.

Analysis

A privilege escalation vulnerability in One Identity Password Manager (CVSS 7.6). High severity vulnerability requiring prompt remediation.

Technical Context

Vulnerability type: privilege escalation. CVSS 7.6 indicates high severity. Affects One Identity Password Manager.

Affected Products

['One Identity Password Manager']

Remediation

Monitor vendor channels for patch availability.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: 0

CVE-2025-27582 vulnerability details – vuln.today

Back

CVE-2025-27582

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-27582

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code