Skip to main content

Universal Forwarder

1 CVEs product

Monthly

CVE-2025-20298 HIGH PATCH This Week

Privilege escalation vulnerability in Splunk Universal Forwarder for Windows where incorrect file system permissions are assigned during installation or upgrade, allowing non-administrator users to read and modify sensitive files in the installation directory. This affects versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9, and could enable unauthorized access to credentials, configuration files, and system monitoring data. While CVSS 8.0 indicates high severity, real-world exploitation requires local access and user interaction (UI requirement per vector), limiting attack scope.

Windows Privilege Escalation Information Disclosure Microsoft Splunk +1
NVD
CVSS 3.1
8.0
EPSS
0.1%
EPSS 0% CVSS 8.0
HIGH PATCH This Week

Privilege escalation vulnerability in Splunk Universal Forwarder for Windows where incorrect file system permissions are assigned during installation or upgrade, allowing non-administrator users to read and modify sensitive files in the installation directory. This affects versions below 9.4.2, 9.3.4, 9.2.6, and 9.1.9, and could enable unauthorized access to credentials, configuration files, and system monitoring data. While CVSS 8.0 indicates high severity, real-world exploitation requires local access and user interaction (UI requirement per vector), limiting attack scope.

Windows Privilege Escalation Information Disclosure +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy