CVE-2025-26692

Summary

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory ('Path Traversal'). If exploited, arbitrary code may be executed by a remote unauthenticated attacker with the Windows system privilege where the product is running.

Affected Software

VendorProductVersion RangeStatus
SIOS Technology, Inc.Quick Agent V3prior to Ver3.2.1affected
SIOS Technology, Inc.Quick Agent V2prior to Ver2.9.8affected

Weaknesses

  • CWE-22: Improper limitation of a pathname to a restricted directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References