CVE-2025-2768 – Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation

April 23, 2025

CVE ID : CVE-2025-2768

Published : April 23, 2025, 5:16 p.m. | 1 hour, 42 minutes ago

Description : Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25041.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2770 – BEC Technologies Router Cleartext Password Disclosure

Next Article CVE-2025-2761 – GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

‘Job Hugging’ Trend Emerges as Workers Confront AI Uncertainty

Distribution Release: MocaccinoOS 25.09

Composition in CSS

DataCrunch raises €55M to boost EU AI sovereignty with green cloud infrastructure

Finally, safe array methods in JavaScript

Finally, safe array methods in JavaScript

Perficient Interviewed for Forrester Report on AI’s Transformative Role in DXPs

Perficient’s “What If? So What?” Podcast Wins Gold Stevie® Award for Technology Podcast

Distribution Release: MocaccinoOS 25.09

Distribution Release: MocaccinoOS 25.09

Speed Isn’t Everything When Buying SSDs – Here’s What Really Matters!

14 Themes for Beautifying Your Ghostty Terminal

CVE-2025-2768 – Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation

Qantas Airways Slashes CEO Bonus After Cyberattack Exposes 5.7 Million Customers

UAE Cyber Security Council Flags 70% Smart Home Devices as Vulnerable

Critical AWS Amplify Studio Vulnerability Let Attackers Execute Arbitrary Code

Final Fantasy XVI producer doubles down on multiplatform strategy for Xbox — comments on popularity ofturn-basedRPGS

How to Use the CSS text-wrap Property to Create Balanced Text Layouts on Your Websites

Microsoft Reveals Critical Security Flaw Affecting macOS’s Spolight

AI updates from the past week: Anthropic launches Claude 4 models, OpenAI adds new tools to Responses API, and more — May 23, 2025

CVE-2025-45818 – Slims Senayan Library Management Systems SQL Injection Vulnerability

“In this next chapter with Xbox, we’re not just pushing pixels. We’re reimagining what’s possible” — AMD comments on its partnership with Microsoft

CVE-2025-30165 – vLLM ZeroMQ Remote Code Execution Vulnerability

CVE-2025-2768 – Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation

Related Posts