PT-2025-46148 · Jetbrains · Jetbrains Resharper
Published
2025-11-10
·
Updated
2025-11-14
·
CVE-2025-64456
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
JetBrains ReSharper versions prior to 2025.2.4
Description
A missing signature verification in the DPA Collector component allows for local privilege escalation. The DPA Collector is likely responsible for collecting or transmitting diagnostics or telemetry data.
Recommendations
Update JetBrains ReSharper to version 2025.2.4 or later.
Fix
LPE
Improper Verification of Cryptographic Signature
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jetbrains Resharper