CVE-2025-49797
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| BROTHER INDUSTRIES, LTD. | Multiple driver installers for Windows | see the information provided by the vendor | affected |
| Toshiba Tec Corporation | Multiple driver installers for Windows | see the information provided by the vendor | affected |
| Ricoh Company, Ltd. | Multiple driver installers for Windows | see the information provided by the vendor | affected |
Weaknesses
- CWE-552: Files or directories accessible to external parties
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://support.brother.com/g/s/security/
- https://www.toshibatec.com/information/20250625_01.html
- https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000009
- https://jvn.jp/en/vu/JVNVU91819309/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.