Incorrect access control in the scheduled tasks console of Inova Logic CUSTOMER MONITOR (CM) v3.1.757.1 allows attackers to escalate privileges via placing a crafted executable into a scheduled task.
https://github.com/quriusfox/vulnerability-research/tree/main/CVE-2025-25598