CVE-2025-67826

Description

An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation (LPE) vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit any registry key, leading to a full compromise as SYSTEM.

PUBLISHED Reserved 2025-12-12 | Published 2025-12-22 | Updated 2025-12-22 | Assigner mitre

References

www.k7computing.com/

support.k7computing.com/.../Advisory-issued-on-22nd-Dec-2025

cve.org (CVE-2025-67826)

nvd.nist.gov (CVE-2025-67826)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.