216.73.217.80

CVE-2025-41726

· Published 27/01/2026 12:15 · Modified 27/01/2026 14:59

Labels: CVE-2025-41726 2026-01-27CVE-2025-41726CWE-190[email protected]

Essential information

Published
27/01/2026 12:15
Modified
27/01/2026 14:59
Author
Creator
CVSS
8.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
* / device manager cpe:2.3:a:*:device_manager:*:*:*:*:*:*:*:*

References