← back
CVE-2025-49797

CVE-2025-49797

CVSS 8.5 HIGHEPSS 0.1%CWE-552
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.5EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
25 Jun 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
BROTHER INDUSTRIES, LTD. · Multiple driver installers for WindowsRicoh Company, Ltd. · Multiple driver installers for WindowsToshiba Tec Corporation · Multiple driver installers for Windows

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/vu/JVNVU91819309/https://support.brother.com/g/s/security/https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000009https://www.toshibatec.com/information/20250625_01.html