Home / Vulnerability Intelligence / CVE-2025-69784

CVE-2025-69784 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 17, 2026

OpenEDR - Privilege Escalation

Published: March 16, 2026Updated: March 17, 2026

Overview

OpenEDR 2.5.1.0 contains a privilege escalation caused by a vulnerable IOCTL interface allowing DLL injection path modification, letting local non-privileged attackers execute arbitrary code with SYSTEM privileges, exploit requires local access.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 1.2%(Probability of exploitation in next 30 days)

Impact

Local attackers can execute arbitrary code with SYSTEM privileges, leading to full system compromise.

Mitigation

Update to the latest version of OpenEDR.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 16, 2026

🟠 CVE-2025-69784 - High (8.8) A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause ... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69784/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2025-69784
Severity: High
CVSS Score: 8.8
Type: broken_access_control
Status: unconfirmed
EPSS: 1.2%
Social Posts: 1

CWE

CWE-427

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

EPSS Score

1.2%Probability of exploitation in the next 30 days