CVE-2025-0416

by Fred · 01/04/2025

Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user with the SeImpersonatePrivilege privilege. The SeImpersonatePrivilege privilege is a Windows permission that allows a process to impersonate another user. An attacker can use this vulnerability to escalate their privileges and take complete control of the system.

Assigner : vulncoord@ncsc.fi

More information : https://www.valmet.com/about-us/about/research-and-development/vulnerabilityadvisories/cve-2025-0416/

CVE-2025-0416

Similar

Recent Posts

Categories

CVE-2025-0416

Share this:

Similar

Recent Posts

Categories

Tags