Unquoted Search Path Vulnerability in Seagate Toolkit for Windows
CVE-2025-9043

6.7MEDIUM

Key Information:

Vendor: Seagate
Status: Toolkit
Vendor: CVE Published:; 14 August 2025

What is CVE-2025-9043?

The Seagate Toolkit for Windows prior to version 2.34.0.33 is susceptible to an unquoted search path vulnerability. This flaw allows an attacker with Admin privileges to exploit the executable path of the service. By placing a malicious Program.exe file in a writable directory, the attacker could trigger the execution of the file with SYSTEM privileges, enabling unauthorized control over the affected system.

Affected Version(s)

Toolkit Windows 0 < 2.34.0.33

References

https://www.seagate.com/support/software/toolkit/

https://www.seagate.com/product-security/#security-adviso...

CVSS V4

Score:

6.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2025
Vulnerability Reserved
Aug 14, 2025

JSON