Vulnerability Description
Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with the privilege of the user invoking the installer.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Secuavail | Logstare Collector | < 2.4.2 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN77560819/Third Party Advisory
- https://www.logstare.com/vulnerability/2025-001/Vendor Advisory
FAQ
What is CVE-2025-64695?
CVE-2025-64695 is a vulnerability with a CVSS score of 7.8 (HIGH). Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be executed with the privilege of the user invoking the installer.
How severe is CVE-2025-64695?
CVE-2025-64695 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-64695?
Check the references section above for vendor advisories and patch information. Affected products include: Secuavail Logstare Collector, Microsoft Windows.