Vulnerability Details CVE-2025-69784
A local, non-privileged attacker can abuse a vulnerable IOCTL interface exposed by the OpenEDR 2.5.1.0 kernel driver to modify the DLL injection path used by the product. By redirecting this path to a user-writable location, an attacker can cause OpenEDR to load an attacker-controlled DLL into high-privilege processes. This results in arbitrary code execution with SYSTEM privileges, leading to full compromise of the affected system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.6%
CVSS Severity
CVSS v3 Score 8.8
References