CVE-2025-22890

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.0 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

E

xecution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained.

References

Link	Resource
https://jvn.jp/en/jp/JVN66673020/	Third Party Advisory
https://www.hummingheads.co.jp/dep/storelist/	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:hummingheads:defense_platform:*:*:*:*:home:*:*:*

History

04 Feb 2026, 20:24

Type	Values Removed	Values Added
References	~~() https://jvn.jp/en/jp/JVN66673020/ -~~	() https://jvn.jp/en/jp/JVN66673020/ - Third Party Advisory
References	~~() https://www.hummingheads.co.jp/dep/storelist/ -~~	() https://www.hummingheads.co.jp/dep/storelist/ - Product
CVSS	v2 : ~~unknown~~ v3 : ~~6.5~~	v2 : unknown v3 : 8.8
CPE		cpe:2.3:a:hummingheads:defense_platform:::::home:::*
Summary		(es) Existe un problema de ejecución con privilegios innecesarios en Defense Platform Home Edition Ver.3.9.51.x y versiones anteriores. Si un atacante realiza una operación específica, puede obtener el privilegio SYSTEM del sistema Windows en el que se ejecuta el producto.
First Time		Hummingheads defense Platform Hummingheads

06 Feb 2025, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-06 07:15

Updated : 2026-02-04 20:24

NVD link : CVE-2025-22890

Mitre link : CVE-2025-22890

CVE.ORG link : CVE-2025-22890

JSON object : View

Products Affected

hummingheads

defense_platform

CWE

CWE-250

Execution with Unnecessary Privileges

{"id": "CVE-2025-22890", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.0}], "cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.0}]}, "published": "2025-02-06T07:15:17.113", "references": [{"url": "https://jvn.jp/en/jp/JVN66673020/", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://www.hummingheads.co.jp/dep/storelist/", "tags": ["Product"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-250"}]}], "descriptions": [{"lang": "en", "value": "Execution with unnecessary privileges issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained."}, {"lang": "es", "value": "Existe un problema de ejecuci\u00f3n con privilegios innecesarios en Defense Platform Home Edition Ver.3.9.51.x y versiones anteriores. Si un atacante realiza una operaci\u00f3n espec\u00edfica, puede obtener el privilegio SYSTEM del sistema Windows en el que se ejecuta el producto."}], "lastModified": "2026-02-04T20:24:42.200", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hummingheads:defense_platform:*:*:*:*:home:*:*:*", "vulnerable": true, "matchCriteriaId": "6B192BB2-AB8A-49B5-A8EC-06D30F135E87", "versionEndIncluding": "3.9.51.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}