CVE-2025-10475
MEDIUMSpyShelter < 15.4.0.1028 - Denial of Service in IOCTL Handler
Title source: llmDescription
A weakness has been identified in SpyShelter up to 15.4.0.1015. Affected is an unknown function in the library SpyShelter.sys of the component IOCTL Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. Upgrading to version 15.4.0.1028 is able to address this issue. It is advisable to upgrade the affected component.
References (5)
Core 5
Core References
Permissions Required, VDB Entry vdb-entry
https://vuldb.com/?id.323906
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.323906
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.648484
Various Sources exploit
https://www.yuque.com/u28538081/sea4q5/aokhgdfpf5ueguk5
Various Sources release-notes
https://www.spyshelter.com/help/SpyShelter-Changelog#15401028-3sep2025
Scores
CVSS v3
5.5
EPSS
0.0014
EPSS Percentile
3.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-404
Status
published
Products (2)
n/a/SpyShelter
15.4.0.1015
n/a/SpyShelter
15.4.0.1028
Published
Sep 15, 2025
Tracked Since
Feb 18, 2026