CVE-2025-7433

HIGH

8.8

Descricao

A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution.

Detalhes CVE

Pontuacao CVSS v3.18.8

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Vetor de ataqueLOCAL

ComplexidadeLOW

Privilegios necessariosLOW

Interacao do usuarioNONE

Publicado7/17/2025

Ultima modificacao7/17/2025

Fontenvd

Avistamentos honeypot0

Fraquezas (CWE)

CWE-502

Referencias

https://www.sophos.com/en-us/security-advisories/sophos-sa-20250717-cix-lpe(security-alert@sophos.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.