High severity7.0NVD Advisory· Published Nov 6, 2025· Updated Apr 15, 2026
CVE-2025-37735
CVE-2025-37735
Description
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: < 8.19.6, 9.1.6, 9.2.0 (see advisory)
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.