CVE-2025-22894

Published Feb 6, 2025

Last updated 17 days ago

CVSS medium 6.5

Overview

Description
Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a result, an arbitrary DLL may be executed with SYSTEM privilege.
Source
vultures@jpcert.or.jp
NVD status
Received

Risk scores

CVSS 3.0

Type
Secondary
Base score
6.5
Impact score
4
Exploitability score
2
Vector string
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Severity
MEDIUM

Weaknesses

vultures@jpcert.or.jp
CWE-422

Social media

Hype score
Not currently trending

  1. CVE-2025-22894 Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted mes… https://t.co/nqAqSFgiPN

    @CVEnew

    6 Feb 2025

    437 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References