{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-40672", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "state": "PUBLISHED", "assignerShortName": "INCIBE", "dateReserved": "2025-04-16T08:38:14.998Z", "datePublished": "2025-05-26T09:05:40.862Z", "dateUpdated": "2025-06-06T12:00:34.218Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Panloader.exe", "vendor": "Grupo Espiral MS", "versions": [{"lessThan": "3.16.0.0.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Pablo Arriaga Perez"}], "datePublic": "2025-05-26T08:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A Privilege Escalation vulnerability has been found in Panloader component v3.24.0.0 by Espiral MS Group. This vulnerability allows any user to override the file panLoad.exe that will be executed by SYSTEM user via a programmed task. This would allow an attacker to obtain administrator permissions to perform whatever activities he/she wants, shuch as accessing sensitive information, executing code remotely, and even causing a denial of service (DoS).\n\n<br>"}], "value": "A Privilege Escalation vulnerability has been found in Panloader component v3.24.0.0 by Espiral MS Group. This vulnerability allows any user to override the file panLoad.exe that will be executed by SYSTEM user via a programmed task. This would allow an attacker to obtain administrator permissions to perform whatever activities he/she wants, shuch as accessing sensitive information, executing code remotely, and even causing a denial of service (DoS)."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.5, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2025-06-06T12:00:34.218Z"}, "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/privilege-escalation-proactivanet-espiral-ms-group"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The manufacturer has released a new version of Panloader that fixes the reported vulnerability. It is recommended to upgrade to Panloader version 3.16.0.0.0 or higher."}], "value": "The manufacturer has released a new version of Panloader that fixes the reported vulnerability. It is recommended to upgrade to Panloader version 3.16.0.0.0 or higher."}], "source": {"discovery": "EXTERNAL"}, "title": "Privilege Escalation in Panloader.exe", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-27T14:24:27.243839Z", "id": "CVE-2025-40672", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-27T14:24:32.455Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-40672", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-27T14:24:27.243839Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-27T14:24:29.946Z"}}], "cna": {"title": "Privilege Escalation in Panloader.exe", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Pablo Arriaga Perez"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Grupo Espiral MS", "product": "Panloader.exe", "versions": [{"status": "affected", "version": "0", "lessThan": "3.16.0.0.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "The manufacturer has released a new version of Panloader that fixes the reported vulnerability. It is recommended to upgrade to Panloader version 3.16.0.0.0 or higher.", "supportingMedia": [{"type": "text/html", "value": "The manufacturer has released a new version of Panloader that fixes the reported vulnerability. It is recommended to upgrade to Panloader version 3.16.0.0.0 or higher.", "base64": false}]}], "datePublic": "2025-05-26T08:00:00.000Z", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/privilege-escalation-proactivanet-espiral-ms-group"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A Privilege Escalation vulnerability has been found in Panloader component v3.24.0.0 by Espiral MS Group. This vulnerability allows any user to override the file panLoad.exe that will be executed by SYSTEM user via a programmed task. This would allow an attacker to obtain administrator permissions to perform whatever activities he/she wants, shuch as accessing sensitive information, executing code remotely, and even causing a denial of service (DoS).", "supportingMedia": [{"type": "text/html", "value": "A Privilege Escalation vulnerability has been found in Panloader component v3.24.0.0 by Espiral MS Group. This vulnerability allows any user to override the file panLoad.exe that will be executed by SYSTEM user via a programmed task. This would allow an attacker to obtain administrator permissions to perform whatever activities he/she wants, shuch as accessing sensitive information, executing code remotely, and even causing a denial of service (DoS).\n\n<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2025-06-06T12:00:34.218Z"}}}, "cveMetadata": {"cveId": "CVE-2025-40672", "state": "PUBLISHED", "dateUpdated": "2025-06-06T12:00:34.218Z", "dateReserved": "2025-04-16T08:38:14.998Z", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "datePublished": "2025-05-26T09:05:40.862Z", "assignerShortName": "INCIBE"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A Privilege Escalation vulnerability has been found in Panloader component v3.24.0.0 by Espiral MS Group. This vulnerability allows any user to override the file panLoad.exe that will be executed by SYSTEM user via a programmed task. This would allow an attacker to obtain administrator permissions to perform whatever activities he/she wants, shuch as accessing sensitive information, executing code remotely, and even causing a denial of service (DoS)."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad de escalada de privilegios en ProactivaNet v3.24.0.0 de Grupo Espiral MS. Esta vulnerabilidad permite a cualquier usuario anular el archivo panLoad.exe, que ser\u00e1 ejecutado por el usuario SYSTEM mediante una tarea programada. Esto permitir\u00eda a un atacante obtener permisos de administrador para realizar cualquier actividad que desee, como acceder a informaci\u00f3n confidencial, ejecutar c\u00f3digo remotamente e incluso provocar una denegaci\u00f3n de servicio (DoS)."}], "id": "CVE-2025-40672", "lastModified": "2025-05-28T15:01:30.720", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cve-coordination@incibe.es", "type": "Secondary"}]}, "published": "2025-05-26T10:15:21.020", "references": [{"source": "cve-coordination@incibe.es", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/privilege-escalation-proactivanet-espiral-ms-group"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}]}

{}