Privilege Escalation Vulnerability in ThreatSonar Anti-Ransomware by TeamT5
CVE-2025-4477

8.6HIGH

Key Information:

Vendor: Teamt5
Status: Threatsonar Anti-ransomware
Vendor: CVE Published:; 19 May 2025

What is CVE-2025-4477?

A vulnerability in ThreatSonar Anti-Ransomware by TeamT5 permits remote attackers with intermediate privileges to escalate their access rights to the highest level of administrator. This exploit occurs through a specific API, effectively allowing unauthorized users to take control of sensitive areas of the system, potentially compromising critical data and security controls.

Affected Version(s)

ThreatSonar Anti-Ransomware 0 <= 3.8.0

References

https://www.twcert.org.tw/tw/cp-132-10129-18ea3-1.html

third-party-advisory

https://www.twcert.org.tw/en/cp-139-10130-c0959-2.html

third-party-advisory

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2025
Vulnerability Reserved
May 9, 2025

Teamt5

What is CVE-2025-4477?

Affected Version(s)

References

CVSS V4

Timeline