Home

Description

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 (EOL).

PUBLISHED Reserved 2025-04-14 | Published 2025-10-09 | Updated 2025-11-03 | Assigner Checkmk




HIGH: 8.8CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem types

CWE-427: Uncontrolled Search Path Element

Product status

Default status
unaffected

2.4.0 (semver) before 2.4.0p13
affected

2.3.0 (semver) before 2.3.0p38
affected

2.2.0 (semver) before 2.2.0p46
affected

2.1.0 (semver)
affected

Credits

Lisa Gnedt (SBA Research) reporter

References

seclists.org/fulldisclosure/2025/Oct/6

checkmk.com/werk/18207 vendor-advisory

github.com/...vilege_Escalation_via_Insecure_Temporary_Files third-party-advisory

cve.org (CVE-2025-32919)

nvd.nist.gov (CVE-2025-32919)

Download JSON