Local Privilege Escalation in Topaz SERVCore Teller by Topaz
CVE-2025-10941

8.5HIGH

Key Information:

Vendor

Topaz

Status
Servcore Teller
Vendor
CVE Published:
25 September 2025

What is CVE-2025-10941?

A local privilege escalation vulnerability exists in the Topaz SERVCore Teller Installer. Specifically, the issue pertains to the Installer component found in the file SERVCoreTeller_2.0.40D.msi, which may lead to inappropriate permission handling. Exploiting this vulnerability requires local access and can result in unauthorized access to resources or functionalities within the system. Despite disclosure attempts, the vendor has not responded regarding this critical issue.

Affected Version(s)

SERVCore Teller 2.14.0-RC2

SERVCore Teller 2.14.1

References

https://vuldb.com/?id.325811
vdb-entry
https://vuldb.com/?ctiid.325811
signaturepermissions-required
https://vuldb.com/?submit.651434
third-party-advisory

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.