CVE-2025-7472 | THREATINT

Description

A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM.

PUBLISHED Reserved 2025-07-11 | Published 2025-07-17 | Updated 2025-07-17 | Assigner Sophos

HIGH: 7.5CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

Default status

unaffected

Any version before 1.22

affected

Credits

Sandro Poppi (https://medium.com/@spoppi) finder

References

www.sophos.com/...rity-advisories/sophos-sa-20250717-cix-lpe

cve.org (CVE-2025-7472)

nvd.nist.gov (CVE-2025-7472)

Download JSON