CVE-2025-4525

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Discord version 1.0.9188

Description A critical issue has been found in Discord, affecting some unknown functionality in the library WINSTA.dll. This issue leads to an uncontrolled search path. The attack must be approached locally and has a high complexity, making exploitation difficult. The exploit has been disclosed to the public.

Recommendations For Discord version 1.0.9188, consider restricting access to the WINSTA.dll library as a temporary mitigation measure until a patch is available.

Exploit

Fix

RCE

Untrusted Search Path

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426CWE-427

Related Identifiers

CVE-2025-4525

Affected Products

Discord

Winsta.Dll

CVE-2025-4525

Weakness Enumeration

Related Identifiers

Affected Products

References · 12