How severe is CVE-2025-1369?

This vulnerability has a severity rating of LOW with a CVSS score of 4.5 out of 10.

What type of vulnerability is CVE-2025-1369?

This is classified as CWE-77, which is a common weakness in software security.

CVE-2025-1369 - LOW Severity | CVSS 4.5

Vulnerability Description

A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Affected by this vulnerability is an unknown functionality of the component USB Password Handler. The manipulation leads to os command injection. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2019-1735

MEDIUM

CVSS:4.4(Medium)

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on the underlying operating system of an affected...

CWE-772019

CVE-2025-25791

MEDIUM

CVSS:4.4(Medium)

An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows attackers to execute arbitrary code via uploading a crafted Zip file.

CWE-772025

CVE-2025-25792

MEDIUM

CVSS:4.4(Medium)

SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the isopen parameter at admin_weixin.php.

CWE-772025

CVE-2017-6184

MEDIUM

CVSS:4.7(Medium)

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.

CWE-772017

CVE-2019-12629

MEDIUM

CVSS:4.7(Medium)

A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The...

CWE-772019

CVE-2021-22868

MEDIUM

CVSS:4.3(Medium)

A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not...

CWE-772021