EUVD-2025-208691

CVE-2025-15552 | MEDIUM | 6.0 (CVSS 4.0)
2026-03-16 | NCSC-FI

CVSS Vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: Passive (P)

Lifecycle Timeline

Mar 16, 2026 11:00  Analysis Generated (vuln.today)
Mar 16, 2026 11:00  EUVD ID Assigned (euvd): EUVD-2025-208691
Mar 16, 2026 10:44  CVE Published (nvd): MEDIUM 6.0

Description

Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password.

Analysis

Insufficient Session Expiration in Truesec's LAPSWebUI before version 2.4 allows local attackers with user-level privileges to obtain local administrator passwords through inadequate session management controls. An attacker with physical or logical access to a workstation can exploit this vulnerability to escalate privileges and disclose sensitive credentials, potentially compromising domain administration. This vulnerability represents a practical privilege escalation risk in environments relying on LAPS (Local Administrator Password Solution) for credential management.

Technical Context

LAPSWebUI is a web-based administrative interface for managing Microsoft's Local Administrator Password Solution (LAPS), which centrally manages local administrator account passwords across enterprise networks. The vulnerability stems from CWE-613 (Insufficient Session Expiration), a session management flaw where user sessions remain valid beyond their intended lifetime or are not properly terminated under specified conditions. Truesec's implementation fails to enforce adequate session timeout mechanisms or properly invalidate sessions when users disconnect, allowing attackers to reuse stale session tokens to access password disclosure functionality. The affected product operates as a web application (CPE prefix cpe:2.3:a:truesec:lapswebui) and interacts with Active Directory and LAPS infrastructure to retrieve and display sensitive local administrator credentials, making improper session handling particularly dangerous.

Affected Products

Truesec LAPSWebUI versions prior to 2.4 are affected by this vulnerability. The product is identified via CPE cpe:2.3:a:truesec:lapswebui and all versions before 2.4 should be considered vulnerable. Administrators should consult Truesec's official security advisory and release notes for confirmation of patch availability and recommended upgrade paths.

Remediation

Immediately upgrade Truesec LAPSWebUI to version 2.4 or later, which contains fixes for session expiration handling. Verify the upgrade through Truesec's official advisory and release notes. As interim mitigations pending patching, enforce strict network segmentation to limit access to the LAPSWebUI application to trusted administrative networks only, implement aggressive session timeout policies at the web server level (ideally 15–30 minutes of inactivity), deploy multi-factor authentication (MFA) for all LAPSWebUI access, and monitor session logs for anomalous reuse patterns. Additionally, restrict local access to workstations running LAPSWebUI clients and, where operational security allows, consider disabling password disclosure features until the patch is applied.
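As an added illustration of the session controls the Technical Context and Remediation sections describe (this is not LAPSWebUI's code; the in-memory store, token format and timeout values are assumptions), the following server-side session store enforces an idle timeout, an absolute lifetime and explicit logout invalidation, so a stale token presented later is refused instead of reused:

```python
# Added illustration, not LAPSWebUI code (store, token format and timeouts are assumed):
# a session store that closes the CWE-613 gaps of idle, over-age and logged-out tokens.
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional


@dataclass
class Session:
    user: str
    issued_at: float  # absolute lifetime is measured from here
    last_seen: float  # idle timeout is measured from here


class SessionStore:
    def __init__(self, idle_timeout: float, max_lifetime: float, clock: Callable[[], float] = time.time):
        self.idle_timeout, self.max_lifetime, self.clock = idle_timeout, max_lifetime, clock
        self._sessions: Dict[str, Session] = {}

    def create(self, user: str) -> str:
        token = secrets.token_urlsafe(32)  # unguessable, not derived from user data
        self._sessions[token] = Session(user, self.clock(), self.clock())
        return token

    def validate(self, token: str) -> Optional[str]:
        s = self._sessions.get(token)
        if s is None:
            return None
        now = self.clock()
        if now - s.last_seen > self.idle_timeout or now - s.issued_at > self.max_lifetime:
            del self._sessions[token]  # a presented stale token must not be revived
            return None
        s.last_seen = now  # sliding idle window
        return s.user

    def logout(self, token: str) -> None:
        self._sessions.pop(token, None)  # server-side; clearing the cookie alone leaves it live


def demo() -> Dict[str, Optional[str]]:
    t = [0.0]  # fake clock in seconds so the expiry paths are deterministic
    store = SessionStore(idle_timeout=900, max_lifetime=1800, clock=lambda: t[0])
    idle, aged, gone = (store.create("helpdesk") for _ in range(3))
    for t[0] in (800, 1600):  # aged is touched inside the idle window, idle is not
        store.validate(aged)
    store.logout(gone)  # explicit server-side invalidation, not just cookie removal
    t[0] = 1900  # idle: 1900 s unused > 900; aged: 1900 s old > 1800; gone: logged out
    return dict(fresh=store.validate(store.create("helpdesk")), after_idle=store.validate(idle),
                after_absolute=store.validate(aged), after_logout=store.validate(gone))
```

The absolute lifetime matters because an idle timeout alone lets a token that is kept warm live indefinitely.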

Priority Score

30 on a Low / Medium / High / Critical scale
Components: KEV 0, EPSS +0.0, CVSS +30, POC 0
