CVE-2025-11772 – Co-Installer Privilege Escalation

CVE ID : CVE-2025-11772

Published : Dec. 1, 2025, 7:15 p.m. | 1 hour, 9 minutes ago

Description : A carefully crafted DLL, copied to

C:ProgramDataSynaptics

folder, allows a local user to execute
arbitrary code with elevated privileges during driver installation.

Severity: 6.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-66312 – Grav Admin Plugin vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/accounts/groups/[group]` parameter `data[readableName]`

CVE-2025-66311 – Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` in Multiples parameters

CVE-2025-66310 – Grav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` parameter `data[header][template]` in Advanced Tab

CVE-2025-66309 – Grav vulnerable to Cross-Site Scripting (XSS) Reflected endpoint /admin/pages/[page], parameter data[header][content][items], located in the “Blog Config” tab