CVE-2025-37735 | THREATINT

Description

Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.

PUBLISHED Reserved 2025-04-16 | Published 2025-11-06 | Updated 2025-11-07 | Assigner elastic

HIGH: 7.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-281 Improper Preservation of Permissions

Product status

Default status

unaffected

8.0.0 (semver)

affected

9.0.0 (semver)

affected

References

discuss.elastic.co/...2-0-security-update-esa-2025-23/383272

cve.org (CVE-2025-37735)

nvd.nist.gov (CVE-2025-37735)

Download JSON