Home

Description

BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoNTFS: 1.3.2.

PUBLISHED Reserved 2025-11-26 | Published 2025-12-12 | Updated 2025-12-23 | Assigner Fluid Attacks




HIGH: 8.5CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

Product status

Default status
unaffected

1.3.2
affected

Credits

Oscar Uribe finder

References

fluidattacks.com/advisories/greenday exploit

fluidattacks.com/advisories/greenday third-party-advisory

www.drbuho.com/buhontfs product

cve.org (CVE-2025-13733)

nvd.nist.gov (CVE-2025-13733)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.