Security Bulletin #25-001 - DriveLock Agent: Remote Privilege Escalation (CVE-2025-55187)
First published: 2025-08-07
Last updated: 2025-09-26
CVSS Score: CRITICAL 9.9 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected product(s): DriveLock SE — DriveLock Agent (see versions below)
Disclosure status: Coordinated
Vulnerability type / classification: Incorrect Access Control (Privilege Escalation)
Attack type: Remote
Attack vector: Network
Summary
In DriveLock 24.1.4 (prior to 24.1.5), 24.2.5 (prior to 24.2.6), and 25.1.2 (prior to 25.1.4), attackers can gain elevated privileges on affected Windows systems.
Description
An incorrect access control in the DriveLock Agent allows a remote attacker on the same network to escalate privileges on a vulnerable Windows endpoint. The vulnerability is present in the specified Agent releases and is addressed in the patched releases listed below.
Affected versions
- DriveLock 24.1.4 — vulnerable (fixed in 24.1.5)
- DriveLock 24.2.5 — vulnerable (fixed in 24.2.6)
- DriveLock 25.1.2 — vulnerable (fixed in 25.1.4)
References
- CVE-2025-55187 (reserved) — official record will be available on MITRE once published.
Mitigation
Update to the patched versions immediately.
Fixed in
- DriveLock 24.1.5
- DriveLock 24.2.6
- DriveLock 25.1.4
How to update your environment
To ensure continued protection, we require an update to at least version 2024.1 Patch 3 (EoL December 2025). However, we strongly recommend upgrading directly to version 25.1 Patch 2 (25.1.4) to benefit from the latest security improvements and extended support.
Older versions are also affected by this issue but are no longer eligible for patches due to End-of-Life (EoL) status. For a list of currently supported DriveLock versions, please refer to our End-of-Life information.
Independent of this specific issue, we always recommend using the latest available DriveLock release to benefit from ongoing improvements and the highest level of security.
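As an added illustration of the update guidance above (this is not part of the bulletin and not DriveLock's own tooling), the following script triages an inventory of endpoints against the affected/fixed version pairs listed in this bulletin. The host names, versions and the inventory format are constructed for the example; the branch cut-offs (24.1.5, 24.2.6, 25.1.4) are taken from the bulletin, and any branch older than 24.1 is treated as affected and End-of-Life, as the bulletin states for older versions. How the installed Agent version is collected (management console export, software inventory, etc.) is left to the reader; the script only assumes a `host,version` list.

```python
"""Triage installed DriveLock Agent versions against Security Bulletin #25-001.

Added example, not vendor code. Fixed-in versions come from the bulletin;
the inventory below is constructed sample data.
"""

# Branch (major, minor) -> first version in that branch that contains the fix.
# Values are taken from the bulletin's "Fixed in" list.
FIXED_IN = {
    (24, 1): (24, 1, 5),
    (24, 2): (24, 2, 6),
    (25, 1): (25, 1, 4),
}

# Per the bulletin, branches older than 24.1 are affected but no longer patched.
OLDEST_PATCHED_BRANCH = (24, 1)


def parse_version(text):
    """Parse 'major.minor.patch' into a comparable tuple; reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected DriveLock version format: {text!r}")
    return tuple(int(p) for p in parts)


def classify(version_text):
    """Return one of: 'fixed', 'vulnerable', 'affected-eol', 'unknown-branch'."""
    version = parse_version(version_text)
    branch = version[:2]
    if branch < OLDEST_PATCHED_BRANCH:
        # Affected, but the branch is End-of-Life: no patch, upgrade required.
        return "affected-eol"
    fixed = FIXED_IN.get(branch)
    if fixed is None:
        # Branch not named in the bulletin; confirm status with the vendor.
        return "unknown-branch"
    return "fixed" if version >= fixed else "vulnerable"


def triage(inventory_lines):
    """Group hosts by status. Input lines are 'host,version'; '#' starts a comment."""
    report = {"fixed": [], "vulnerable": [], "affected-eol": [],
              "unknown-branch": [], "unparseable": []}
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, version = line.partition(",")
        try:
            report[classify(version)].append(host)
        except ValueError:
            report["unparseable"].append(host)
    return report


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = """
# host,installed DriveLock Agent version
ws-001,24.1.4
ws-002,24.1.5
ws-003,24.2.5
ws-004,24.2.6
ws-005,25.1.2
ws-006,25.1.4
ws-007,23.2.1
ws-008,25.2.0
ws-009,n/a
""".splitlines()


if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:15s} {', '.join(hosts) if hosts else '-'}")
```

Hosts in the `vulnerable` bucket need the patched release for their branch; `affected-eol` hosts cannot be patched in place and must be upgraded to a supported branch, which is the case the bulletin calls out for older versions.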