CVE-2025-59485

Summary

Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3.4. If this vulnerability is exploited, an arbitrary file could be placed in the specific folder by a user who can log in to the system where the product's Windows client is installed. If the file is a specially crafted DLL file, arbitrary code could be executed with SYSTEM privilege.

Affected Software

VendorProductVersion RangeStatus
Intercom, Inc.Security Point (Windows) of MaLionprior to Ver.5.3.4affected

Weaknesses

  • CWE-276: Incorrect default permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References