CVE-2025-61156

Incorrect access control in the kernel driver of ThreatFire System Monitor v4.7.0.53 allows attackers to escalate privileges and execute arbitrary...

Basic Information

CVE State: PUBLISHED
Reserved Date: September 26, 2025
Published Date: October 29, 2025
Last Updated: October 30, 2025
Vendor: n/a
Product: n/a
Description: Incorrect access control in the kernel driver of ThreatFire System Monitor v4.7.0.53 allows attackers to escalate privileges and execute arbitrary commands via an insecure IOCTL.

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: none
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2025-10-27 16:53:52 UTC) Source

References

https://threatfire.informer.com/download/ https://github.com/D7EAD https://github.com/D7EAD/CVE-2025-61156

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-10-27 16:53:52 UTC

Timeline

CVE ID Reserved

September 26, 2025
Added to KEVIntel

October 27, 2025
CVE Published to Public

October 29, 2025