Vulnerability Description
Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user with the SeImpersonatePrivilege privilege. The SeImpersonatePrivilege privilege is a Windows permission that allows a process to impersonate another user. An attacker can use this vulnerability to escalate their privileges and take complete control of the system.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-0416?
CVE-2025-0416 is a documented vulnerability. Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user wit...
How severe is CVE-2025-0416?
CVSS scoring is not yet available for CVE-2025-0416. Check NVD for updates.
Is there a patch for CVE-2025-0416?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.