216.73.217.50

CVE-2018-25359

· Published 25/05/2026 15:16 · Modified 26/05/2026 19:47

Labels: CVE-2018-25359 2026-05-25CVE-2018-25359CWE-276[email protected]

Essential information

Published
25/05/2026 15:16
Modified
26/05/2026 19:47
Author
Creator
CVSS
8.6 HIGH (v3) 8.6 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious executable that executes with LocalSystem privileges when the service is triggered.

NVD status

Status
Deferred — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
splinterware / scheduler pro cpe:2.3:a:splinterware:scheduler_pro:5.12:*:*:*:*:*:*:*

References