CVE-2025-0886
HIGHElliptic Labs Virtual Lock Sensor - Privilege Escalation
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2025-0886. PoCs published by JNDataRT.
AI-analyzed exploit summary This is a functional local privilege escalation (LPE) exploit for CVE-2025-0886 targeting Elliptic Virtual Lock Sensor version 3.1.60531.2 on Windows. It manipulates registry permissions and forces a reinstall to execute a payload as SYSTEM via the edgeupdate service.
Description
An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escalate privileges.
Exploits (1)
This is a functional local privilege escalation (LPE) exploit for CVE-2025-0886 targeting Elliptic Virtual Lock Sensor version 3.1.60531.2 on Windows. It manipulates registry permissions and forces a reinstall to execute a payload as SYSTEM via the edgeupdate service.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H