CVE Daily

CVE-2025-9043

The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on...

Medium CVSS 6.7

Overview

The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows an attacker with Admin privileges to exploit a vulnerability as classified under CWE-428: Unquoted Search Path or Element. An attacker with write permissions to the root could place a malicious Program.exe file, which would execute with SYSTEM privileges.

CWE: CWE-428 Published: 2025-08-14T17:15:42.610
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.7 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags