CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-34489

GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.2%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2025-34489

Gfi » Mailessentials » Version: 20

cpe:2.3:a:gfi:mailessentials:20
Gfi » Mailessentials » Version: 20.1

cpe:2.3:a:gfi:mailessentials:20.1
Gfi » Mailessentials » Version: 20.2

cpe:2.3:a:gfi:mailessentials:20.2
Gfi » Mailessentials » Version: 20.3

cpe:2.3:a:gfi:mailessentials:20.3
Gfi » Mailessentials » Version: 21.0

cpe:2.3:a:gfi:mailessentials:21.0
Gfi » Mailessentials » Version: 21.1

cpe:2.3:a:gfi:mailessentials:21.1
Gfi » Mailessentials » Version: 21.2

cpe:2.3:a:gfi:mailessentials:21.2
Gfi » Mailessentials » Version: 21.3

cpe:2.3:a:gfi:mailessentials:21.3
Gfi » Mailessentials » Version: 21.4

cpe:2.3:a:gfi:mailessentials:21.4
Gfi » Mailessentials » Version: 21.5

cpe:2.3:a:gfi:mailessentials:21.5
Gfi » Mailessentials » Version: 21.6

cpe:2.3:a:gfi:mailessentials:21.6
Gfi » Mailessentials » Version: 21.7

cpe:2.3:a:gfi:mailessentials:21.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-34489

Products

Pricing

Contact Us