CVE-2025-64701

Summary

QND Premium/Advance/Standard Ver.11.0.9i and prior contains a privilege escalation vulnerability, which may allow a user who can log in to a Windows system with the affected product to gain administrator privileges. As a result, sensitive information may be accessed or altered, and arbitrary actions may be performed.

Affected Software

VendorProductVersion RangeStatus
QualitySoft CorporationQND Premium/Advance/StandardVer.11.0.9i and prioraffected

Weaknesses

  • CWE-268: Privilege chaining

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References