CVE-2025-0664

Vulnerability Description

A locally authenticated, privileged user can craft a malicious OpenSSL configuration file, potentially leading the agent to load an arbitrary local library. This may impair endpoint defenses and allow the attacker to achieve code execution with SYSTEM-level privileges.

Related Weaknesses (CWE)

CWE-94

References

https://thrive.trellix.com/s/article/000014450

FAQ

What is CVE-2025-0664?

CVE-2025-0664 is a documented vulnerability. A locally authenticated, privileged user can craft a malicious OpenSSL configuration file, potentially leading the agent to load an arbitrary local library. This may impair endpoint defenses and allow...

How severe is CVE-2025-0664?

CVSS scoring is not yet available for CVE-2025-0664. Check NVD for updates.

Is there a patch for CVE-2025-0664?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.