← Zuruck zu CVEs
CVE-2025-15561
HIGH7.8
Beschreibung
An attacker can exploit the update behavior of the WorkTime monitoring daemon to elevate privileges on the local system to NT Authority\SYSTEM. A malicious executable must be named WTWatch.exe and dropped in the C:\ProgramData\wta\ClientExe directory, which is writable by "Everyone". The executable will then be run by the WorkTime monitoring daemon.
CVE Details
CVSS v3.1 Bewertung7.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht2/19/2026
Zuletzt geandert2/26/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
nestersoft:worktime
Schwachen (CWE)
CWE-269
Referenzen
https://r.sec-consult.com/worktime(551230f0-3615-47bd-b7cc-93e92e730bbf)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.