Beats Uncontrolled Search Path Element can lead to Local Privilege...

7 / 10

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.

Basic Information

ID CVE-2025-25011

Source elastic

Published Jul 30, 2025 at 00:15

Modified Aug 2, 2025 at 03:55

Affected Product

Vendor Elastic

Product Beats

Version 8.0.0

Affected Versions Elastic Beats 8.0.0

CWE Classification

CWE-427

References

discuss.elastic.co /t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558

{
    "lastseen": "",
    "description": "An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges.",
    "published": "2025-07-30T00:15:43.132Z",
    "modified": "2025-08-02T03:55:49.873Z",
    "type": "cve",
    "title": "Beats Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer",
    "source": "elastic",
    "references": "https://discuss.elastic.co/t/beats-windows-installer-9-1-0-security-update-esa-2025-12/380558",
    "id": "CVE-2025-25011",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "Elastic Beats 8.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Beats",
    "version": "8.0.0",
    "vendor": "Elastic",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Beats Uncontrolled Search Path Element can lead to Local Privilege Escalation (LPE) when using the Windows Installer_CVE-2025-25011