Description

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with the highest privileges, because the affected service runs as NT AUTHORITY\SYSTEM.

PUBLISHED | Reserved 2025-09-16 | Published 2026-04-23 | Updated 2026-04-23 | Assigner SEC-VLab

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

Default status: unaffected

<1.3.95: affected

Credits

Tobias Niemann, SEC Consult Vulnerability Lab (finder)

Daniel Hirschberger, SEC Consult Vulnerability Lab (finder)

Thorger Jansen, SEC Consult Vulnerability Lab (finder)

Marius Renner, SEC Consult Vulnerability Lab (finder)

References

r.sec-consult.com/controlio (third-party-advisory)

kb.controlio.net/...5-Client-Update-April-15-2026-ver-1-3-95 (release-notes)

cve.org (CVE-2025-10549)

nvd.nist.gov (CVE-2025-10549)