CVE-2025-49797 (GCVE-0-2025-49797)
Vulnerability from cvelistv5
Published
2025-06-25 09:25
Modified
2025-08-19 06:48
Severity ?
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.5 (High) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CWE
  • CWE-552 - Files or directories accessible to external parties
Summary
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
References
vultures@jpcert.or.jphttps://jvn.jp/en/vu/JVNVU91819309/
vultures@jpcert.or.jphttps://support.brother.com/g/s/security/
vultures@jpcert.or.jphttps://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000009
vultures@jpcert.or.jphttps://www.toshibatec.com/information/20250625_01.html
Impacted products
Vendor Product Version
BROTHER INDUSTRIES, LTD. Multiple driver installers for Windows Version: see the information provided by the vendor
 Create a notification for this product.
   Toshiba Tec Corporation Multiple driver installers for Windows Version: see the information provided by the vendor
 Create a notification for this product.
   Ricoh Company, Ltd. Multiple driver installers for Windows Version: see the information provided by the vendor
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49797",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-25T12:22:16.386782Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-25T12:41:07.779Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Multiple driver installers for Windows",
          "vendor": "BROTHER INDUSTRIES, LTD.",
          "versions": [
            {
              "status": "affected",
              "version": "see the information provided by the vendor"
            }
          ]
        },
        {
          "product": "Multiple driver installers for Windows",
          "vendor": "Toshiba Tec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "see the information provided by the vendor"
            }
          ]
        },
        {
          "product": "Multiple driver installers for Windows",
          "vendor": "Ricoh Company, Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "see the information provided by the vendor"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "baseScore": 8.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-552",
              "description": "Files or directories accessible to external parties",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T06:48:21.242Z",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "url": "https://support.brother.com/g/s/security/"
        },
        {
          "url": "https://www.toshibatec.com/information/20250625_01.html"
        },
        {
          "url": "https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000009"
        },
        {
          "url": "https://jvn.jp/en/vu/JVNVU91819309/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2025-49797",
    "datePublished": "2025-06-25T09:25:53.381Z",
    "dateReserved": "2025-06-11T04:48:58.284Z",
    "dateUpdated": "2025-08-19T06:48:21.242Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-49797\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2025-06-25T10:15:22.910\",\"lastModified\":\"2025-08-19T07:15:29.487\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].\"},{\"lang\":\"es\",\"value\":\"Varios instaladores de controladores de Brother para Windows contienen una vulnerabilidad de escalada de privilegios. Si se explota, se puede ejecutar un programa arbitrario con privilegios de administrador. Para obtener informaci\u00f3n sobre los nombres, n\u00fameros de modelo y versiones de los productos afectados, consulte la informaci\u00f3n proporcionada por los respectivos proveedores en [Referencias].\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV30\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"vultures@jpcert.or.jp\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-552\"}]}],\"references\":[{\"url\":\"https://jvn.jp/en/vu/JVNVU91819309/\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://support.brother.com/g/s/security/\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000009\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://www.toshibatec.com/information/20250625_01.html\",\"source\":\"vultures@jpcert.or.jp\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-49797\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-25T12:22:16.386782Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-25T12:40:08.431Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.5, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"BROTHER INDUSTRIES, LTD.\", \"product\": \"Multiple driver installers for Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"see the information provided by the vendor\"}]}, {\"vendor\": \"Toshiba Tec Corporation\", \"product\": \"Multiple driver installers for Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"see the information provided by the vendor\"}]}, {\"vendor\": \"Ricoh Company, Ltd.\", \"product\": \"Multiple driver installers for Windows\", \"versions\": [{\"status\": \"affected\", \"version\": \"see the information provided by the vendor\"}]}], \"references\": [{\"url\": \"https://support.brother.com/g/s/security/\"}, {\"url\": \"https://www.toshibatec.com/information/20250625_01.html\"}, {\"url\": \"https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2025-000009\"}, {\"url\": \"https://jvn.jp/en/vu/JVNVU91819309/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-552\", \"description\": \"Files or directories accessible to external parties\"}]}], \"providerMetadata\": {\"orgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"shortName\": \"jpcert\", \"dateUpdated\": \"2025-08-19T06:48:21.242Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-49797\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-19T06:48:21.242Z\", \"dateReserved\": \"2025-06-11T04:48:58.284Z\", \"assignerOrgId\": \"ede6fdc4-6654-4307-a26d-3331c018e2ce\", \"datePublished\": \"2025-06-25T09:25:53.381Z\", \"assignerShortName\": \"jpcert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.