CVE-2025-22894

Published Feb 6, 2025

Last updated 2 months ago

CVSS medium 6.5

Overview

Description
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a result, an arbitrary DLL may be executed with SYSTEM privilege.
Source
vultures@jpcert.or.jp
NVD status
Received

Risk scores

CVSS 3.0

Type
Secondary
Base score
6.5
Impact score
4
Exploitability score
2
Vector string
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Severity
MEDIUM

Weaknesses

vultures@jpcert.or.jp
CWE-422

Social media

Hype score
Not currently trending

  1. CVE-2025-22894 Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted mes… https://t.co/nqAqSFgiPN

    @CVEnew

    6 Feb 2025

    437 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References