vuln disclosure
OpenEDR <= v2.5.1.0 Local Privilege Escalation via Self-Defense Bypass and DLL Injection Path ModificationCVE-2025-69783, CVE-2025-69784
Two critical vulnerabilities were disclosed in OpenEDR version 2.5.1.0 and earlier. CVE-2025-69783 allows bypassing the self-defense mechanism by spoofing the process name to gain trusted status. CVE-2025-69784 enables local privilege escalation by modifying the DLL injection path used by the EDR's user-mode injector, allowing an attacker to load a malicious DLL into a privileged process.