Local Privilege Escalation in JetBrains Products Various Versions
CVE-2025-23385
7.8HIGH
Key Information:
- Vendor
Jetbrains
- Vendor
- CVE Published:
- 28 January 2025
What is CVE-2025-23385?
A vulnerability affecting JetBrains' ReSharper, Rider, dotTrace, and ETW Host Service may allow local privilege escalation. This security flaw exists in various versions prior to specific updates, potentially enabling unauthorized users to gain elevated access privileges within the system. Users are urged to update their applications to mitigate the risk associated with this vulnerability.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
dotTrace 2024.3 < 2024.3.4
dotTrace 2024.2 < 2024.2.8
dotTrace 0 < 2024.1.7
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved