CVE-2025-4455 | Patch My PC Home Updater up to 5.1.3.0 System.IO uncontrolled search path

A vulnerability was found in Patch My PC Home Updater up to 5.1.3.0. It has been rated as critical. This issue affects some unknown processing in the library advapi32.dll/BCrypt.dll/comctl32.dll/crypt32.dll/dwmapi.dll/gdi32.dll/gdiplus.dll/imm32.dll/iphlpapi.dll/kernel32.dll/mscms.dll/msctf.dll/ntdll.dll/ole32.dll/oleaut32.dll/PresentationNative_cor3.dll/secur32.dll/shcore.dll/shell32.dll/sspicli.dll/System.IO. The manipulation leads to uncontrolled search path.

The identification of this vulnerability is CVE-2025-4455. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-4455 | Patch My PC Home Updater up to 5.1.3.0 System.IO uncontrolled search path

Post correlati

CVE-2023-5413 | Image Horizontal Reel Scroll Slideshow Plugin up to 13.3 on WordPress Shortcode cross site scripting

CVE-2024-40633 | Sylius up to 1.12.18/1.13.3 on Symfony {id} information disclosure

CVE-2024-41961 | sapcc elektra Live Search code injection (GHSA-6j2h-486h-487q)

CVE-2023-33548 | Asus RT-AC51U up to 3.0.0.4.380.8591 WPA Pre-Shared Key cross site scripting