CVE-2025-67791

Name of the Vulnerable Software and Affected Versions DriveLock versions 24.1 through 24.1.* DriveLock versions 24.2 through 24.2.* DriveLock versions 25.1 through 25.1.*

Description An incomplete configuration related to agent authentication in DriveLock tenants can allow attackers to impersonate any DriveLock agent on the network against the DriveLock Enterprise Service (DES). This allows attackers to potentially gain unauthorized access and control within the network.

Recommendations Update DriveLock to a version beyond 25.1.*. Review and correct the DriveLock tenant configuration to ensure proper agent authentication.