CVE-2025-27237 | THREATINT

Description

In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.

PUBLISHED Reserved 2025-02-20 | Published 2025-10-03 | Updated 2025-10-04 | Assigner Zabbix

HIGH: 7.3CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-427: Uncontrolled Search Path Element

Product status

Default status

unknown

6.0.0 (git)

affected

7.0.0 (git)

affected

7.2.0 (git)

affected

7.4.0 (git)

affected

Credits

Zabbix wants to thank himbeer for submitting this report on the HackerOne bug bounty platform. reporter

References

support.zabbix.com/browse/ZBX-27061

cve.org (CVE-2025-27237)

nvd.nist.gov (CVE-2025-27237)

Download JSON