CVE-2025-35978 – UpdateNavi UpdateNaviInstallService Remote Code Execution

CVE ID : CVE-2025-35978

Published : June 12, 2025, 6:15 a.m. | 44 minutes ago

Description : Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

نوشته های مشابه

CVE-2025-4227 – Palo Alto Networks GlobalProtect Unencrypted Packet Injection Vulnerability

CVE-2025-4229 – Palo Alto Networks PAN-OS SD-WAN Information Disclosure Vulnerability

CVE-2025-5491 – Acer ControlCenter Remote Code Execution Vulnerability

CVE-2025-5841 – WordPress ACF Onyx Poll Stored Cross-Site Scripting Vulnerability