CVE-2025-67794

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

17/12/2025

Last modified:

17/12/2025

Description

An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 before 24.2.8, and 25.1 before 25.1.6. Directories and files created by the agent are created with overly permissive ACLs, allowing local users without administrator rights to trigger actions or destabilize the agent.

Impact

References to Advisories, Solutions, and Tools

https://drivelock.help/sb/Content/SecurityBulletins/25-009-AgIncPermissions.htm