EUVD-2025-18161

| CVE-2025-35978 HIGH
2025-06-12 [email protected]
7.1
CVSS 3.0
Share

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 14, 2026 - 21:20 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 21:20 euvd
EUVD-2025-18161
CVE Published
Jun 12, 2025 - 06:15 nvd
HIGH 7.1

Tags

RCE Privilege Escalation Windows

Description

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed.

Analysis

Privilege escalation vulnerability in UpdateNavi and UpdateNaviInstallService that allows local authenticated attackers to modify arbitrary registry values or execute arbitrary code through improper communication channel restrictions. Affected versions include UpdateNavi V1.4 L10-L33 and UpdateNaviInstallService 1.2.0091-1.2.0125. With a CVSS score of 7.1 and local attack vector requiring low privileges, this vulnerability poses significant risk to systems running vulnerable versions, particularly in scenarios where local user accounts have network access or elevation paths.

Technical Context

This vulnerability stems from CWE-923 (Improper Restriction of Communication Channel to Intended Endpoints), which indicates the affected software fails to properly validate or restrict which entities can communicate with critical system components. UpdateNavi and UpdateNaviInstallService are software update and installation services that typically operate with elevated privileges and interact with Windows registry. The improper channel restriction allows authenticated local users to inject malicious data that bypasses intended communication safeguards, leading to unvalidated registry modifications or code execution in the service context. The vulnerability affects the communication protocols or IPC mechanisms between client processes and the privileged service components, suggesting inadequate input validation or endpoint authentication on the service side.

Affected Products

UpdateNavi (V1.4 L10 through L33); UpdateNaviInstallService (1.2.0091 through 1.2.0125)

Remediation

Upgrade UpdateNavi to version L34 or later; priority: Critical Upgrade UpdateNaviInstallService to version 1.2.0126 or later; priority: Critical Workaround: Restrict local user account privileges to minimum necessary; enforce strong local access controls and disable non-essential local user accounts on systems running vulnerable versions; priority: High Workaround: Monitor Windows Event Viewer for suspicious registry modification attempts and unusual UpdateNavi/UpdateNaviInstallService service activity; priority: Medium Mitigation: Implement application whitelisting to restrict execution from UpdateNavi service contexts; use AppLocker or Windows Defender Application Control (WDAC); priority: High Detection: Monitor for CWE-923 exploitation patterns: unauthorized registry writes to HKLM\, unexpected child processes from service context, and malformed IPC communication attempts to UpdateNavi services; priority: Medium

Priority Score

36
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +36
POC: 0

Share

EUVD-2025-18161 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy