Device Manager
by Certvde
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-41726 | Hig | 0.57 | 8.8 | 0.00 | Jan 27, 2026 | A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes. | ||
| CVE-2025-41727 | Hig | 0.51 | 7.8 | 0.00 | Jan 27, 2026 | A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access. |
- risk 0.57cvss 8.8epss 0.00
A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes.
- risk 0.51cvss 7.8epss 0.00
A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access.