CVE-2025-64695_CVE-2025-64695

8.4 / 10

HIGH

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with the privilege of the user invoking the installer.

Basic Information

ID CVE-2025-64695

Source jpcert

Published Nov 21, 2025 at 06:18

Affected Product

Vendor LogStare Inc.

Product Installer of LogStare Collector (for Windows)

Version 2.4.1 and earlier

Affected Versions LogStare Inc. Installer of LogStare Collector (for Windows) 2.4.1 and earlier

CWE Classification

CWE-427

References

{
    "lastseen": "",
    "description": "Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with the privilege of the user invoking the installer.",
    "published": "2025-11-21T06:18:05.007Z",
    "modified": "2025-11-21T06:18:05.007Z",
    "type": "cve",
    "title": "CVE-2025-64695",
    "source": "jpcert",
    "references": "https://www.logstare.com/vulnerability/2025-001/\nhttps://jvn.jp/en/jp/JVN77560819/",
    "id": "CVE-2025-64695",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "LogStare Inc. Installer of LogStare Collector (for Windows) 2.4.1 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 8.4,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Installer of LogStare Collector (for Windows)",
    "version": "2.4.1 and earlier",
    "vendor": "LogStare Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}