PT-2025-38068 · Microsoft+1 · Windows+3
Msry1
·
Published
2025-09-16
·
Updated
2025-09-20
·
CVE-2025-57625
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
CYRISMA Sensor versions prior to 444
Description
CYRISMA Sensor before version 444 for Windows contains an insecure folder and file permissions issue. A low-privileged user can exploit this to escalate privileges and execute arbitrary code with NT AUTHORITYSYSTEM privileges. This is achieved by replacing
DataSpotliteAgent.exe or other binaries called by the Cyrisma Agent service during startup.Recommendations
Update CYRISMA Sensor to version 444 or later.
As a temporary workaround, restrict write access to the affected folder and files to prevent unauthorized modification of
DataSpotliteAgent.exe and other binaries called by the Cyrisma Agent service.Exploit
Fix
LPE
Incorrect Default Permissions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cyrisma Sensor
Cyrisma Agent
Dataspotliteagent.Exe
Windows