CVE-2025-14305 HIGH

CVE-2025-14305: Acer|ListCheck.exe - Local Privilege Escalation

Vendor Acer
Product ListCheck.exe
Weakness CWE-863 · Incorrect authorization
Published December 17, 2025
Last update December 17, 2025

CVSS base score

8.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

ListCheck.exe developed by Acer has a Local Privilege Escalation vulnerability. Authenticated local attackers can replace ListCheck.exe with a malicious executable of the same name, which will be executed by the system and result in privilege escalation.

Key dates

02Disclosure timeline

December 17, 2025 CVE published
December 17, 2025 Record updated