Local Privilege Escalation Vulnerability in K7 Security Anti-Malware Suite
CVE-2025-1055

5.6 MEDIUM

Key Information:

Vendor
CVE Published: 11 June 2025

Badges

👾 Exploit Exists
🟡 Public PoC

What is CVE-2025-1055?

A vulnerability in the K7 Security Anti-Malware suite's K7RKScan.sys driver allows low-privilege users to send specially crafted IOCTL requests, which can terminate numerous processes that run with higher privileges. This vulnerability is due to inadequate access controls within the driver's IOCTL handler, permitting unprivileged users to execute actions typically reserved for privileged accounts in kernel space. If exploited, this flaw can cause significant disruptions, leading to denial of service for critical services or applications.

Affected Version(s)

K7 Security Anti-Malware (Windows): 0 < 23.0.0.10

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.

CVSS V3.1

Score: 5.6
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • Vulnerability published