CVE-2025-37735_CVE-2025-37735

7 / 10

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.

Basic Information

ID CVE-2025-37735

Source elastic

Published Nov 6, 2025 at 14:27

Modified Nov 6, 2025 at 14:42

Affected Product

Vendor Elastic

Product Kibana

Version 8.0.0

Affected Versions Elastic Kibana 8.0.0
Elastic Kibana 9.0.0

CWE Classification

CWE-281

References

discuss.elastic.co /t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272

{
    "lastseen": "",
    "description": "Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.",
    "published": "2025-11-06T14:27:26.235Z",
    "modified": "2025-11-06T14:42:11.248Z",
    "type": "cve",
    "title": "CVE-2025-37735",
    "source": "elastic",
    "references": "https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272",
    "id": "CVE-2025-37735",
    "bulletinFamily": "",
    "cwe": [
        "CWE-281"
    ],
    "cvelist": null,
    "sourceData": "Elastic Kibana 8.0.0\nElastic Kibana 9.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Kibana",
    "version": "8.0.0",
    "vendor": "Elastic",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}