Severity: High
CVE ID: CVE-2025-4681
Details
These advisory addresses vulnerability in the agent elevation control function where it sometimes fails to remove elevation if computer is restarted when user is in elevated mode.
Problem type: CWE-269
Impact: CAPECT-122
Applicability
This advisory is applicable only when
| Product Name | Impacted Version(s) | Fixed Version(s) | Released On |
| upKeeper Instant Privilege Access | 1.3.1 and below | 1.4.0 | 2025-05-21 |
Impact
This vulnerability gives user uncontrolled elevated rights on all processes started after user is logged on to the local computer.
Fix
This issue can be fixed by updating upKeeper Instant Privilege Access agent to version 1.4.0 or later.
Acknowledgements
This vulnerability was reported as a bug by a partner of upKeeper Solutions.
Please contact our security team (secure@upkeeper.se) for security related questions and product support (help@upkeeper.se) for questions about our products or services.
Comments
0 comments
Please sign in to leave a comment.