Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.

CVE Database V5

Detailed information about CVE-2025-6250: CWE-424 in BeyondTrust Privilege Management for Windows affecting BeyondTrust Privilege Management for Windows. Get re

CVE-2025-6250: CWE-424 in BeyondTrust Privilege Management for Windows - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-6250: CWE-424 in BeyondTrust Privilege Management for Windows

A reflected cross-site scripting (xss) vulnerability exists in the radiationDoseReport.php functionality of meddream MedDream PACS Premium 7.3.5.860. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.

CVE-2025-32731 is a reflected Cross-Site Scripting (XSS) vulnerability identified in MedDream PACS Premium version 7.3.5.860, specifically within the radiationDoseReport.php functionality. This vulnerability arises due to improper neutralization of input during web page generation (CWE-79), allowing an attacker to craft a malicious URL that, when visited by a user, executes arbitrary JavaScript code in the context of the victim's browser session. The vulnerability is classified as reflected XSS, meaning the malicious script is not stored on the server but reflected off a web page in response to a crafted request. Exploitation requires no authentication (AV:N), has low attack complexity (AC:L), and requires user interaction (UI:R) since the victim must click or visit the malicious URL. The scope is changed (S:C), indicating that the vulnerability can affect resources beyond the vulnerable component, potentially impacting the confidentiality and integrity of data accessible through the application. The CVSS v3.1 base score is 6.1, categorized as medium severity. The impact includes potential theft of session cookies, user impersonation, redirection to malicious sites, or execution of unauthorized actions within the PACS web interface. MedDream PACS Premium is a Picture Archiving and Communication System widely used in medical imaging environments to store and manage radiology images and reports. The radiationDoseReport.php page likely displays radiation dose information, which may contain sensitive patient data. No known exploits are currently reported in the wild, and no patches or mitigation links have been provided yet.

Detailed information about CVE-2025-32731: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in MedDream MedDream PAC

CVE-2025-32731: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in MedDream MedDream PACS Premium - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-32731: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in MedDream MedDream PACS Premium

A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php file can lead to elevated capabilities. An attacker can upload a malicious file to trigger this vulnerability.

CVE-2025-27724 is a critical privilege escalation vulnerability identified in MedDream PACS Premium version 7.3.3.840, a medical imaging software used for managing and viewing PACS (Picture Archiving and Communication System) data. The vulnerability stems from improper access control (CWE-284) in the login.php functionality. Specifically, the flaw allows an attacker to upload a specially crafted PHP file, which can then be executed to escalate privileges without requiring any authentication or user interaction. This vulnerability is particularly severe because it enables an unauthenticated attacker with local access (or potentially remote if upload functionality is exposed) to gain elevated capabilities, compromising confidentiality, integrity, and availability of the system. The CVSS v3.1 score of 9.3 (critical) reflects the high impact and ease of exploitation, with a scope change indicating that the vulnerability affects resources beyond the initially vulnerable component. The absence of known exploits in the wild suggests it is a recently disclosed vulnerability, but the critical nature demands immediate attention. Given the role of MedDream PACS in handling sensitive medical imaging data, exploitation could lead to unauthorized access to patient records, manipulation or deletion of medical images, and disruption of clinical workflows.

Detailed information about CVE-2025-27724: CWE-284: Improper Access Control in MedDream MedDream PACS Premium affecting MedDream MedDream PACS Premium. Get real

CVE-2025-27724: CWE-284: Improper Access Control in MedDream MedDream PACS Premium - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-27724: CWE-284: Improper Access Control in MedDream MedDream PACS Premium

An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840.
A specially crafted application can decrypt credentials stored in a configuration-related registry key.
An attacker can execute a malicious script or application to exploit this vulnerability.

CVE-2025-26469 is a critical security vulnerability identified in MedDream PACS Premium version 7.3.3.840, a medical imaging software widely used for managing and viewing medical images. The vulnerability arises from incorrect default permission assignments in the CServerSettings::SetRegistryValues functionality. Specifically, the issue allows a specially crafted application to decrypt credentials stored within a configuration-related Windows registry key. This registry key contains sensitive authentication data that, if accessed by unauthorized actors, can lead to a full compromise of the affected system. The vulnerability is classified under CWE-732, which pertains to incorrect permission assignment for critical resources, indicating that the permissions set on the registry key are overly permissive or improperly configured, enabling unauthorized access. Exploitation does not require user interaction or prior authentication, and the attack vector is local (AV:L), meaning the attacker must have local access to the system to execute a malicious script or application that leverages this flaw. The vulnerability impacts confidentiality, integrity, and availability, as attackers can obtain credentials, potentially escalate privileges, and execute arbitrary code or scripts, leading to full system compromise. The CVSS v3.1 base score is 9.3, reflecting its critical severity with high impact on all security aspects and low attack complexity. No known exploits in the wild have been reported yet, but the vulnerability's nature and severity make it a high-priority risk for organizations using this software. Given that MedDream PACS Premium is a specialized healthcare product, the vulnerability poses significant risks to healthcare providers, potentially exposing sensitive patient data and disrupting critical medical imaging services.

Detailed information about CVE-2025-26469: CWE-732: Incorrect Permission Assignment for Critical Resource in MedDream MedDream PACS Premium affecting MedDream M

CVE-2025-26469: CWE-732: Incorrect Permission Assignment for Critical Resource in MedDream MedDream PACS Premium - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-26469: CWE-732: Incorrect Permission Assignment for Critical Resource in MedDream MedDream PACS Premium

Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.

Detailed information about CVE-2025-2297: CWE-268 in BeyondTrust Privilege Management for Windows affecting BeyondTrust Privilege Management for Windows. Get re

CVE-2025-2297: CWE-268 in BeyondTrust Privilege Management for Windows

CVE-2025-2297: CWE-268 in BeyondTrust Privilege Management for Windows

Description

Technical Details

Related Threats

CVE-2025-6250: CWE-424 in BeyondTrust Privilege Management for Windows

CVE-2025-32731: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in MedDream MedDream PACS Premium

CVE-2025-27724: CWE-284: Improper Access Control in MedDream MedDream PACS Premium

CVE-2025-26469: CWE-732: Incorrect Permission Assignment for Critical Resource in MedDream MedDream PACS Premium

CVE-2025-24485: CWE-918: Server-Side Request Forgery (SSRF) in MedDream MedDream PACS Premium

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility