CVE-2025-24845

medium

Description

Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue Screen of Death (BSOD), and as a result, cause a denial-of-service (DoS) condition.

References

https://www.hummingheads.co.jp/dep/storelist/

https://jvn.jp/en/jp/JVN66673020/

Details

Source: Mitre, NVD

Published: 2025-02-06

Updated: 2025-02-06

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.3

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H