CVE-2025-47809 | THREATINT

Description

Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import License to a privileged instance of Windows Explorer.

PUBLISHED Reserved 2025-05-10 | Published 2025-05-16 | Updated 2025-05-16 | Assigner mitre

HIGH: 8.2CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Problem types

CWE-272 Least Privilege Violation

Product status

Default status

unaffected

Any version before 8.30a

affected

References

www.wibu.com/support/security-advisories/wibu-100120.html

cve.org (CVE-2025-47809)

nvd.nist.gov (CVE-2025-47809)

Download JSON