Severity by source
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
Incorrect default permissions issue in PC Time Tracer prior to 5.2. If exploited, arbitrary code may be executed with SYSTEM privilege on Windows system where the product is running by a local authenticated attacker.
AnalysisAI
PC Time Tracer versions prior to 5.2 contain an incorrect default permissions vulnerability (CWE-276) that allows local authenticated attackers to execute arbitrary code with SYSTEM privileges on Windows systems. The vulnerability requires local access and user interaction but provides complete system compromise capability. No KEV/CISA known exploited vulnerability status or public POC availability is confirmed from the provided data, though the CVSS 7.3 score and EPSS analysis should be monitored for exploitation likelihood.
Technical ContextAI
This vulnerability stems from improper file or registry permission assignments in PC Time Tracer, classified under CWE-276 (Incorrect Default Permissions). Windows-based applications often run with elevated privileges or interact with system resources; if default DACL (Discretionary Access Control List) configurations permit low-privileged users to modify executable files, DLLs, configuration files, or scheduled tasks owned by the application, privilege escalation becomes possible. The root cause likely involves file/directory permissions on application directories (typically C:\Program Files\PC Time Tracer or similar) that inadvertently grant write access to authenticated local users, enabling DLL injection, executable replacement, or configuration manipulation. CPE identification would be: cpe:2.3:a:*:pc_time_tracer:*:*:*:*:*:*:*:* (versions <5.2).
RemediationAI
- Immediate Patch: Upgrade PC Time Tracer to version 5.2 or later. Obtain the patch from the official vendor download portal or auto-update mechanism. 2. Pre-Patch Mitigation: Restrict file and directory permissions on the PC Time Tracer installation directory (typically C:\Program Files\PC Time Tracer) to remove write access for non-administrator users; use icacls or Group Policy to enforce ACLs removing authenticated user write permissions. 3. Access Control: Limit local login privileges to trusted users; disable remote access if not required. Monitor and restrict scheduled task execution triggered by the application. 4. Detection: Audit file modification events in the application directory and monitor for unexpected process elevation or DLL loading from the application folder.
Windows MSHTML component contains a remote code execution vulnerability that allows attackers to craft malicious ActiveX
Windows Win32k contains an out-of-bounds write vulnerability enabling local privilege escalation to SYSTEM, exploited by
The Windows VBScript engine contains a remote code execution vulnerability in object handling that allows full system co
Windows Win32k fails to properly handle objects in memory, allowing local privilege escalation exploited in the wild in
A privilege escalation vulnerability (CVSS 5.5). Risk factors: actively exploited (KEV-listed), EPSS 94% exploitation pr
Windows Kernel contains a TOCTOU race condition vulnerability allowing local privilege escalation, exploited by the OilR
Windows Internet Shortcut Files (.url) contain an external control vulnerability (CVE-2025-33053, CVSS 8.8) that enables
Windows SMB contains an improper access control vulnerability (CVE-2025-33073, CVSS 8.8) enabling authenticated attacker
Twonky Server 8.5.2 on Linux and Windows allows unauthenticated access to the admin log file through a web service API b
An unrestricted file upload vulnerability exists in MiniWeb HTTP Server <= Build 300 that allows unauthenticated remote
FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbit
Serviio Media Server versions 1.4 through 1.8 on Windows contain an unauthenticated command injection in the /rest/actio
Same weakness CWE-276 – Incorrect Default Permissions
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-16715