CVE-2025-23385

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 28, 2025

CWE ID 114

Summary

CVE-2025-23385 is a critical vulnerability affecting JetBrains ReSharper versions before 2024.3.4, Rider before 2024.3.4 and 2024.2.8, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, and ETW Host Service before 16.43. The weakness enables an attacker to escalate local privileges through the ETW Host Service. This issue may allow unauthorized users to gain administrative access and potentially execute malicious code with higher permissions. Users are advised to update their affected software as soon as possible to mitigate the risk of exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2fh4XI
https://www.cve.org/CVERecord?id=CVE-2025-23385
https://nvd.nist.gov/vuln/detail/CVE-2025-23385

Back to Vulnerability Database

CVE-2025-23385

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations