Security Bulletin #25-007 — DriveLock Agent: Local Privilege Escalation (CVE request)
First published: 2025-09-25
Last updated: 2025-09-29
CVE: CVE-2025-XXXXX (requested) — official record will be available on MITRE once published.
CVSS Score: HIGH 8.8 – CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected product(s): DriveLock SE — DriveLock Agent (Windows) (see versions below)
Disclosure status: Coordinated
Vulnerability type / classification: Incorrect Access Control (Local Privilege Escalation)
Attack type: Local
Attack vector: Exploitation of a local vulnerability
Summary
In DriveLock 24.1.4 (prior to 24.1.5), 24.2.5 (prior to 24.2.6), and 25.1.2 (prior to 25.1.4), attackers can gain elevated privileges on affected Windows systems.
Description
Local non-privileged users can manipulate a DriveLock process to execute arbitrary commands on Windows computers.
Affected versions
- DriveLock 24.1 — vulnerable (fixed in 24.1.6)
- DriveLock 24.2 — vulnerable (fixed in 24.2.7)
- DriveLock 25.1 — vulnerable (fixed in 25.1.5)
Mitigation
Update to the patched versions immediately.
Fixed in
- DriveLock 24.1.6
- DriveLock 24.2.7
- DriveLock 25.1.5
References
- CVE-2025-XXXXX (requested) — official record will be available on MITRE once published.
How to update your environment
- To ensure continued protection, an update to at least version 2024.1.6 (EoL December 2025) is required.
- Our strong recommendation is to upgrade directly to version 25.1 Patch 3 (25.1.5) for optimal security and support.
- Older versions are also affected but are no longer eligible for patches due to End-of-Life (EoL) status.
An overview of supported DriveLock versions is available upon request.
Additionally, regardless of this specific issue, we always recommend using the latest release of DriveLock to benefit from ongoing improvements and security enhancements.
A CVE has been requested and is currently under review by an official CNA authority. We will inform you once it is published.