CVE-2025-20094

Summary

Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege.

Affected Software

VendorProductVersion RangeStatus
Humming Heads Inc.Defense Platform Home EditionVer.3.9.51.x and earlieraffected

Weaknesses

  • CWE-422: Unprotected Windows Messaging Channel ('Shatter')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References