Unrated severityNVD Advisory· Published Dec 17, 2025· Updated Dec 18, 2025

CVE-2025-67794

Description

An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 before 24.2.8, and 25.1 before 25.1.6. Directories and files created by the agent are created with overly permissive ACLs, allowing local users without administrator rights to trigger actions or destabilize the agent.

Affected products

DriveLock/DriveLockdescription
Centertools/Drivelockllm-fuzzy
Range: 24.1.*, <24.2.8, <25.1.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

drivelock.help/sb/Content/SecurityBulletins/25-009-AgIncPermissions.htmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000