CVE-2025-15558: Insecure Programdata Search Path
Constructing executable or plugin search paths inside `C:\ProgramData` can lead to privilege escalation. Windows allows unprivileged users to create subdirectories inside `C:\ProgramData` by default. If a privileged process searches for an executable in a non-existent subdirectory of `ProgramData`, a low-privileged attacker can pre-create the directory and p
greprules fetch cve-2025-15558-insecure-programdata-search-path --engine opengrepDescription
Constructing executable or plugin search paths inside `C:\ProgramData` can lead to privilege escalation. Windows allows unprivileged users to create subdirectories inside `C:\ProgramData` by default. If a privileged process searches for an executable in a non-existent subdirectory of `ProgramData`, a low-privileged attacker can pre-create the directory and p
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.