Elastic Defend for Windows Vulnerability

Source: Cyber Security News

Elastic has disclosed a critical vulnerability in Elastic Defend for Windows, tracked as CVE-2025-37735. The issue stems from improper preservation of permissions in the Defend service and allows local attackers with SYSTEM-level access to escalate their privileges. The vulnerability potentially enables unauthorized users to delete arbitrary files or gain administrative access on affected systems. Affected versions are those up to 8.19.5 and 9.0.0 through 9.1.5. The CVSS v3.1 score of 7.0 indicates high severity. Organizations are urged to upgrade promptly to the fixed versions 8.19.6, 9.1.6, or 9.2.0. For those unable to upgrade immediately, Windows 11 24H2 includes changes that reinforce security against such exploitation. Users should plan their update timelines carefully to maintain system integrity and minimize risk from potential attackers.

Exploitation requires local access, and although it may not need user interaction, the implications of this vulnerability are substantial for organizations. The situation is pressing, and organizations are advised to remediate urgently. The flaw’s ability to bridge the divide between lower-privilege accounts and full system control heightens the threat to enterprise security. Overall, prioritizing the upgrade of Elastic Defend installations is crucial to mitigating the risks from this newly disclosed vulnerability.

👉 Read the original: Cyber Security News