Privilege Escalation Vulnerability in Panda Security Products
CVE-2025-34109
Key Information:
- Vendor: Panda Security
- CVE Published: 15 July 2025
What is CVE-2025-34109?
The PSEvents.exe component in several Panda Security applications runs with elevated SYSTEM privileges and loads DLL files from directories that can be modified by users. An attacker with limited access can place a malicious DLL in the monitored directory, potentially leading to arbitrary code execution at SYSTEM level. The affected products are the 2016 editions of Panda Global Protection, Panda Antivirus Pro, Panda Small Business Protection, and Panda Internet Security, in all versions up to 16.1.2. Users are urged to take the necessary actions to mitigate this risk.
Affected Version(s)
Panda Antivirus Pro 2016 * <= 16.1.2
Panda Global Protection 2016 * <= 16.1.2
Panda Internet Security 2016 * <= 16.1.2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
Timeline
- 🟡 Public PoC available
- 👾 Exploit known to exist
- Vulnerability published
- Vulnerability Reserved