[Advisory - DriveLock] Multiple vulnerabilities - DES Privileges Escalation & Agent LPE
| Product: | DriveLock |
|---|---|
| Homepage: | https://www.drivelock.com/ |
| Vulnerable version: | 25.1.4.58314 |
| Fixed version: | 24.2.8, 25.1.6 |
| CVSS Score: | - |
| Found: | Oct 1, 2025 |
Advisories
-
[Advisory - DriveLock] DriveLock Agent - Arbitrary file write allows LPE
-
[Advisory - DriveLock] DriveLock Enterprise Service - Privilege escalation to Supervisor
Timeline
- 2025-10-01: Sent details about vulnerability - CVE-2025-67794 - to vendor
- 2025-11-04: Sent details about vulnerability - CVE-2025-67793 - to vendor
- 2025-12-16: Patches released