CVE-2025-68921

HIGH

SteelSeries Nahimic 3 <1.10.7 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 4 public exploits for CVE-2025-68921. PoCs published by ZeroMemoryEx, kikiuuw, kalibb.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2025-68921, leveraging Windows file oplocks and directory manipulation to achieve privilege escalation. The code demonstrates a race condition in the Windows file system driver by creating and manipulating directories and files to trigger the vulnerability.

Description

SteelSeries Nahimic 3 1.10.7 allows Directory traversal.

Exploits (4)

nomisec WORKING POC 59 stars
by ZeroMemoryEx · poc
https://github.com/ZeroMemoryEx/CVE-2025-68921

This repository contains a functional proof-of-concept exploit for CVE-2025-68921, leveraging Windows file oplocks and directory manipulation to achieve privilege escalation. The code demonstrates a race condition in the Windows file system driver by creating and manipulating directories and files to trigger the vulnerability.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Microsoft Windows (specific version not specified)
No auth needed
Prerequisites: Access to a vulnerable Windows system · Ability to execute arbitrary code on the target system
devstral-2 · analyzed Feb 19, 2026 Full analysis →
nomisec WORKING POC
by kikiuuw · poc
https://github.com/kikiuuw/CVE-2025-68921

This repository contains a functional exploit PoC for CVE-2025-68921, leveraging Windows file oplocks and directory manipulation to achieve local privilege escalation. The code demonstrates a race condition involving directory creation, oplock handling, and file operations to exploit the vulnerability.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Microsoft Windows (specific version not specified)
No auth needed
Prerequisites: Local access to the target system · Ability to create directories and files in specific locations
devstral-2 · analyzed Feb 19, 2026 Full analysis →
nomisec WORKING POC
by kalibb · poc
https://github.com/kalibb/CVE-2025-68921

The repository contains functional exploit code for CVE-2025-68921, demonstrating a local privilege escalation (LPE) via oplock manipulation and directory junction abuse in Windows. The PoC leverages file system operations and callback mechanisms to trigger the vulnerability.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Microsoft Windows (specific version not specified)
No auth needed
Prerequisites: Local access to the target system · Ability to create directories and manipulate file system objects
devstral-2 · analyzed Feb 19, 2026 Full analysis →
nomisec SUSPICIOUS
by kikiuuw · poc
https://github.com/kikiuuw/kikiuuw.github.io

The repository lacks actual exploit code or technical details about CVE-2025-68921, instead pushing users to download an external installer. The content is marketing-focused with no vulnerability analysis.

Classification
Suspicious 95%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Nahimic (version unspecified)
No auth needed
Prerequisites: none specified
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 7.8
EPSS 0.0032
EPSS Percentile 24.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-22
Status published
Products (1)
steelseries/nahimic < 1.10.4
Published Jan 16, 2026
Tracked Since Feb 18, 2026