How to fix CVE-2025-69875?

Within 24 hours: Inventory all Quick Heal Total Security 23.0.0 deployments and isolate affected systems from sensitive networks if possible; disable the quarantine restore feature via administrative controls. Within 7 days: Contact Quick Heal for patch availability status and timeline; evaluate alternative endpoint protection solutions. Within 30 days: Deploy patched version immediately upon vendor release or migrate to alternate security solution; conduct forensic review of quarantine logs for unauthorized restore activities.

Is Total Security affected by CVE-2025-69875?

A high-severity vulnerability in Quick Heal Total Security 23.0.0 allows low-privileged users to bypass security controls and restore malicious files into protected system directories, potentially compromising system integrity and enabling privilege escalation.

CVE-2025-69875

HIGH

2026-02-03 [email protected]

7.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Feb 11, 2026 - 16:06 vuln.today

Public exploit code

CVE Published

Feb 03, 2026 - 18:16 nvd

HIGH 7.8

Description

A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be abused by a local attacker to place files in high-privilege locations, potentially leading to privilege escalation.

Analysis

Technical Context

Classified as CWE-269 (Improper Privilege Management). Affects the quarantine management component of Total Security. A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be abused by a local attacker to place files in high-privilege locations, potentially leading to privilege escalation.

Affected Products

Vendor: Quickheal. Product: Total Security. Versions: up to 23.0.0. Component: quarantine management.

Remediation

Monitor vendor advisories for a patch.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +39

POC: +20

CVE-2025-69875 vulnerability details – vuln.today

Back

CVE-2025-69875

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-69875

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code