CVE-2025-10475

MEDIUM

SpyShelter <15.4.0.1015 - DoS

Title source: llm

Description

A weakness has been identified in SpyShelter up to 15.4.0.1015. Affected is an unknown function in the library SpyShelter.sys of the component IOCTL Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. Upgrading to version 15.4.0.1028 is able to address this issue. It is advisable to upgrade the affected component.

References (5)

[Permissions Required, VDB Entry] https://vuldb.com/?id.323906

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.323906

[Permissions Required, VDB Entry] https://vuldb.com/?submit.648484

[Various Sources] https://www.yuque.com/u28538081/sea4q5/aokhgdfpf5ueguk5

[Various Sources] https://www.spyshelter.com/help/SpyShelter-Changelog#15401028-3sep2025

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 6.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-404

Status published

Products (2)

n/a/SpyShelter 15.4.0.1015

n/a/SpyShelter 15.4.0.1028

Published Sep 15, 2025

Tracked Since Feb 18, 2026