CVE-2025-1055 MEDIUM

CVE-2025-1055: K7 Security Anti-Malware: IOCTL in K7RKScan.sys Allows Arbitrary Termination of High-Privilege and System Processes by a Low-Privilege User

Vendor K7 Security
Product K7 Security Anti-Malware
Weakness CWE-862 · Missing authorization
Published June 10, 2025
Last update June 11, 2025

CVSS base score

5.6/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to terminate a wide range of processes running with administrative or system-level privileges, with the exception of those inherently protected by the operating system. This flaw stems from missing access control in the driver's IOCTL handler, enabling unprivileged users to perform privileged actions in kernel space. Successful exploitation can lead to denial of service by disrupting critical services or privileged applications.

Key dates

02Disclosure timeline

June 10, 2025 CVE published
June 11, 2025 Record updated

Related vulnerabilities

04Related CVE