Process Optimization
CVE-2025-65117
HIGH
Severity by source
AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements.
AnalysisAI
The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements. [CVSS 7.4 HIGH]
Technical ContextAI
Classified as CWE-676 (Use of Potentially Dangerous Function). Affects Process Optimization. The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements.
RemediationAI
Monitor vendor advisories for a patch.
More in Process Optimization
View allA CVSS 10.0 code injection vulnerability allows unauthenticated attackers to achieve remote code execution with OS-level
The vulnerability, if exploited, could allow an authenticated miscreant (OS standard user) to tamper with TCL Macro scr
The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimizatio
The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Standard User) to tamper
The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to tamper with Process Optim
The Process Optimization application suite leverages connection channels/protocols that by-default are not encrypted an
Same weakness CWE-676 – Use of Potentially Dangerous Function
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today