CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-50892

The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests (IRP_MJ_READ/IRP_MJ_WRITE) sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive information disclosure, denial of service, or local privilege escalation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.8%

CVSS Severity

CVSS v3 Score 7.8

References

http://easeus.com
https://gist.github.com/christopher-ellis-workday/756c998f9f59dd2c437d83e60c7ed220

Products affected by CVE-2025-50892

Easeus » Eudskacs.sys Driver » Version: 20250328

cpe:2.3:a:easeus:eudskacs.sys_driver:20250328

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-50892

Products

Pricing

Contact Us