Valmet DNA local privilege escalation through insecure DCOM configuration
CVE-2025-0416
Summary | It is possible to gain SYSTEM privileges as any local user via a permission issue in the DCOM object. |
Impact | The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user with the SeImpersonatePrivilege privilege. The SeImpersonatePrivilege privilege is a Windows permission that allows a process to impersonate another user. An attacker can use this vulnerability to escalate their privileges and take complete control of the system. |
Issue date |
March 31, 2025
|
Affects | Valmet DNA systems C2022 and older. |
CVE Name | https://nvd.nist.gov/vuln/detail/CVE-2025-0416 |
CVS Details | CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:N/AU:Y/R:U/V:D/RE:H/U:Amber |
CVSS Score |
8.9
|
Solution | The new version is available from Valmet Automation Customer Service. |
Mitigations | |
Acknowledgements | Sixtus Leonhardsberger and Felix Eberstaller of LimesSecurity. |