CVE-2025-20094

Published Feb 6, 2025

Last updated 17 days ago

CVSS high 8.8

Overview

Description
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege.
Source
vultures@jpcert.or.jp
NVD status
Received

Risk scores

CVSS 3.0

Type
Secondary
Base score
8.8
Impact score
6
Exploitability score
2
Vector string
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

vultures@jpcert.or.jp
CWE-422

Social media

Hype score
Not currently trending

  1. CVE-2025-20094 Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted mes… https://t.co/VkB6V1BInp

    @CVEnew

    6 Feb 2025

    444 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References