Topaz SERVCore Teller Installer SERVCoreTeller_2.0.40D.msi permission_CVE-2025-10941

8.5 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X

Description

A vulnerability was determined in Topaz SERVCore Teller 2.14.0-RC2/2.14.1. Affected by this issue is some unknown functionality of the file SERVCoreTeller_2.0.40D.msi of the component Installer. Executing manipulation can lead to permission issues. The attack needs to be launched locally. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-10941

Source VulDB

Published Sep 25, 2025 at 11:02

Affected Product

Vendor Topaz

Product SERVCore Teller

Version 2.14.0-RC2

Affected Versions Topaz SERVCore Teller 2.14.0-RC2
Topaz SERVCore Teller 2.14.1

CWE Classification

CWE-275 CWE-266

References

{
    "lastseen": "",
    "description": "A vulnerability was determined in Topaz SERVCore Teller 2.14.0-RC2/2.14.1. Affected by this issue is some unknown functionality of the file SERVCoreTeller_2.0.40D.msi of the component Installer. Executing manipulation can lead to permission issues. The attack needs to be launched locally. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-09-25T11:02:05.879Z",
    "modified": "2025-09-25T11:02:05.879Z",
    "type": "cve",
    "title": "Topaz SERVCore Teller Installer SERVCoreTeller_2.0.40D.msi permission",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.325811\nhttps://vuldb.com/?ctiid.325811\nhttps://vuldb.com/?submit.651434\nhttps://raw.githubusercontent.com/securityadvisories/Security-Advisories/refs/heads/main/Advisories/Blaze%20Information%20Security%20-%20Local%20Privilege%20Escalation%20via%20Insecure%20Directory%20Permissions%20in%20SERVCore%20Teller%20Installer.txt",
    "id": "CVE-2025-10941",
    "bulletinFamily": "",
    "cwe": [
        "CWE-275",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "Topaz SERVCore Teller 2.14.0-RC2\nTopaz SERVCore Teller 2.14.1",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SERVCore Teller",
    "version": "2.14.0-RC2",
    "vendor": "Topaz",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}