APM Server Uncontrolled Search Path Element can lead to Local...

7 / 10

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.

Basic Information

ID CVE-2025-0712

Source elastic

Published Jul 30, 2025 at 00:12

Modified Jul 30, 2025 at 14:06

Affected Product

Vendor Elastic

Product APM Server

Version 8.16

Affected Versions Elastic APM Server 8.16
Elastic APM Server 8.17

CWE Classification

CWE-427

References

discuss.elastic.co /t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558

{
    "lastseen": "",
    "description": "An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.",
    "published": "2025-07-30T00:12:43.639Z",
    "modified": "2025-07-30T14:06:16.977Z",
    "type": "cve",
    "title": "APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer",
    "source": "elastic",
    "references": "https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558",
    "id": "CVE-2025-0712",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "Elastic APM Server 8.16\nElastic APM Server 8.17",
    "sourceHref": "",
    "cvss": {
        "score": 7,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "APM Server",
    "version": "8.16",
    "vendor": "Elastic",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

APM Server Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer_CVE-2025-0712