CVE-2025-0707
Published: 24 January 2025
Description
A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as critical. This affects an unknown part in the library CRYPTBASE.dll of the component Startup. The manipulation leads to untrusted search path. The attack needs to be approached locally.
Security Summary
CVE-2025-0707 is a critical vulnerability discovered in Rise Group Rise Mode Temp CPU version 2.1, specifically affecting an unknown part of the CRYPTBASE.dll library within the Startup component. Published on January 24, 2025, the issue stems from an untrusted search path flaw, classified under CWE-426, with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Exploitation requires local access with low privileges and involves low-complexity manipulation of the untrusted search path, needing no user interaction. A successful attack can result in high impacts to confidentiality, integrity, and availability, potentially allowing the attacker to execute arbitrary code or gain significant control over the affected system.
Advisories published by VulDB provide further details on the vulnerability, including submission and identification records. Security practitioners should consult the following references for mitigation guidance and updates: https://vuldb.com/?ctiid.293235, https://vuldb.com/?id.293235, and https://vuldb.com/?submit.481088.
Details
- CWE(s)