CVE-2025-37735

Summary

Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.

Affected Software

VendorProductVersion RangeStatus
ElasticKibana8.0.0 <= 8.19.5affected
ElasticKibana9.0.0 <= 9.1.5affected

Weaknesses

  • CWE-281: CWE-281 Improper Preservation of Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References