Skip to main content

CVE-2025-64772

| EUVDEUVD-2025-199943 HIGH
Uncontrolled Search Path Element (CWE-427)
2025-12-01 vultures@jpcert.or.jp
7.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 15, 2026 - 13:34 euvd
EUVD-2025-199943
Analysis Generated
Mar 15, 2026 - 13:34 vuln.today
CVE Published
Dec 01, 2025 - 01:16 nvd
HIGH 7.8

DescriptionCVE.org

The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.

AnalysisAI

A security vulnerability in installer of INZONE Hub 1.0.10.3 to 1.0.17.0 (CVSS 7.8). High severity vulnerability requiring prompt remediation.

Technical ContextAI

CWE-427 (Uncontrolled Search Path). CVSS 7.8 indicates high severity. Affects installer of INZONE Hub 1.0.10.3 to 1.0.17.0.

RemediationAI

Monitor vendor channels for patch availability.

Share

CVE-2025-64772 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy