CVE-2025-59485_CVE-2025-59485

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Description

Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3.4. If this vulnerability is exploited, an arbitrary file could be placed in the specific folder by a user who can log in to the system where the product's Windows client is installed. If the file is a specially crafted DLL file, arbitrary code could be executed with SYSTEM privilege.

Basic Information

ID CVE-2025-59485

Source jpcert

Published Nov 25, 2025 at 07:20

Modified Nov 25, 2025 at 14:42

Affected Product

Vendor Intercom, Inc.

Product Security Point (Windows) of MaLion

Version prior to Ver.5.3.4

Affected Versions Intercom, Inc. Security Point (Windows) of MaLion prior to Ver.5.3.4

CWE Classification

CWE-276

References

{
    "lastseen": "",
    "description": "Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3.4. If this vulnerability is exploited, an arbitrary file could be placed in the specific folder by a user who can log in to the system where the product's Windows client is installed. If the file is a specially crafted DLL file, arbitrary code could be executed with SYSTEM privilege.",
    "published": "2025-11-25T07:20:38.296Z",
    "modified": "2025-11-25T14:42:13.300Z",
    "type": "cve",
    "title": "CVE-2025-59485",
    "source": "jpcert",
    "references": "https://www.intercom.co.jp/information/2025/1125.html\nhttps://jvn.jp/en/jp/JVN76298784/",
    "id": "CVE-2025-59485",
    "bulletinFamily": "",
    "cwe": [
        "CWE-276"
    ],
    "cvelist": null,
    "sourceData": "Intercom, Inc. Security Point (Windows) of MaLion prior to Ver.5.3.4",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Security Point (Windows) of MaLion",
    "version": "prior to Ver.5.3.4",
    "vendor": "Intercom, Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}