
Description

When the ABP or AES service is installed in a directory writable by non-administrative users, an attacker can replace or plant a DLL with the same name as one loaded by the service. Upon service restart, the malicious DLL is loaded and executed under the LocalSystem account, resulting in unauthorized code execution with elevated privileges. This issue affects ABP and AES: from ABP 2.0 through 2.0.7.9050, from AES 1.0 through 1.0.6.8290.
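The weakness described above is the general CWE-427 pattern for Windows services, not something specific to ABP or AES: a service that runs as LocalSystem loads DLLs from its own install directory, so any account that can write to that directory can influence what the service executes. The following PowerShell check is an added example, not part of the advisory or of ASUSTOR's software; it is written for an administrator auditing a host and goes beyond the specific products by listing every LocalSystem service whose executable directory grants write or modify rights to low-privilege groups. It assumes the English default group names and that it is run from an elevated session.

```powershell
# Added example, not from the ASUSTOR advisory: find LocalSystem services whose
# install directory can be written to by non-administrative users (CWE-427 exposure).
# Assumptions: elevated session; English default identity names.

$lowPrivIdentities = @(
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE',
    'Everyone'
)

# Any of these rights lets a user create or replace files in the directory.
$writeMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl -bor
             [System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
             [System.Security.AccessControl.FileSystemRights]::WriteData

function Get-ServiceBinaryPath {
    param([string]$PathName)
    # PathName may be quoted ("C:\x\svc.exe" -arg) or unquoted with arguments;
    # return only the executable portion.
    if ($PathName -match '^"([^"]+)"') { return $Matches[1] }
    if ($PathName -match '^(.+?\.exe)') { return $Matches[1] }
    return $PathName.Trim()
}

function Find-WritableServiceDirectory {
    Get-CimInstance Win32_Service |
        Where-Object { $_.StartName -eq 'LocalSystem' -and $_.PathName } |
        ForEach-Object {
            $service = $_
            $exe = Get-ServiceBinaryPath $service.PathName
            $dir = Split-Path -Path $exe -Parent
            if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { return }

            $acl  = Get-Acl -LiteralPath $dir
            $weak = $acl.Access | Where-Object {
                $_.AccessControlType -eq 'Allow' -and
                $lowPrivIdentities -contains $_.IdentityReference.Value -and
                (($_.FileSystemRights -band $writeMask) -ne 0)
            }

            if ($weak) {
                [PSCustomObject]@{
                    Service    = $service.Name
                    Directory  = $dir
                    WritableBy = ($weak.IdentityReference.Value | Sort-Object -Unique) -join ', '
                }
            }
        }
}

# Usage: prints one row per exposed service; an empty result means no LocalSystem
# service was found in a directory writable by the listed low-privilege groups.
Find-WritableServiceDirectory | Format-Table -AutoSize
```

Any row returned is a candidate for the same DLL-planting issue. The mitigation is the one the fix for this CVE implies: keep service binaries under a path where only administrators and SYSTEM hold write access (for example beneath Program Files), and tighten the ACL on any existing install directory rather than relying on the service's own DLL search behaviour.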

PUBLISHED Reserved 2025-11-12 | Published 2025-11-19 | Updated 2025-11-19 | Assigner ASUSTOR1




CRITICAL: 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

Default status
unaffected

ABP 2.0 (custom)
affected

AES 1.0 (custom)
affected

Credits

Kazuma Matsumoto, Security Researcher at GMO Cybersecurity by IERAE, Inc. (finder)

References

www.asustor.com/security/security_advisory_detail?id=48 (vendor advisory)

cve.org (CVE-2025-13051)

nvd.nist.gov (CVE-2025-13051)
