CVE-2025-24845 MEDIUM

CVE-2025-24845

Vendor Humming Heads Inc.
Product Defense Platform Home Edition
Weakness CWE-88
Published February 6, 2025
Last update February 12, 2025

CVSS base score

6.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

Improper neutralization of argument delimiters in a command ('Argument Injection') issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system where the product is running, the system may cause a Blue Screen of Death (BSOD), and as a result, cause a denial-of-service (DoS) condition.

Key dates

02Disclosure timeline

February 6, 2025 CVE published
February 12, 2025 Record updated