CVE-2025-0372 | THREATINT

Description

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR Passwordless: before 10.1.

PUBLISHED Reserved 2025-01-10 | Published 2025-05-21 | Updated 2025-05-21 | Assigner HYPR

MEDIUM: 5.9CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L

Problem types

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Product status

Default status

unaffected

Any version before 10.1

affected

References

www.hypr.com/trust-center/security-advisories

cve.org (CVE-2025-0372)

nvd.nist.gov (CVE-2025-0372)

Download JSON