CVE-2025-4769
HIGHCBEWIN Anytxt Searcher 1.3.1128.0 - Uncontrolled Search Path
Title source: llmDescription
A vulnerability classified as critical was found in CBEWIN Anytxt Searcher 1.3.1128.0. This vulnerability affects unknown code of the file ATService.exe. The manipulation leads to uncontrolled search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult.
References (4)
Core 4
Core References
Permissions Required, VDB Entry vdb-entry
https://vuldb.com/?id.309070
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.309070
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.571820
Various Sources broken-link
https://www.yuque.com/ba1ma0-an29k/nnxoap/ds2f8b1hdc4ng9zg?singleDoc
Scores
CVSS v3
7.0
EPSS
0.0015
EPSS Percentile
4.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-426
CWE-427
Status
published
Products (1)
CBEWIN/Anytxt Searcher
1.3.1128.0
Published
May 16, 2025
Tracked Since
Feb 18, 2026