CVE-2025-69875

A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be abused by a local attacker to place files in high-privilege locations, potentially leading to privilege escalation.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/mertdas/QuickHealTotalSecurityPOC	Third Party Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-59439/	Not Applicable

Configurations

Configuration 1 (hide)

cpe:2.3:a:quickheal:total_security:23.0.0:*:*:*:*:-:*:*

History

No history.

Information

Published : 2026-02-03 18:16

Updated : 2026-02-11 16:06

NVD link : CVE-2025-69875

Mitre link : CVE-2025-69875

CVE.ORG link : CVE-2025-69875

JSON object : View

Products Affected

quickheal

total_security

CWE

CWE-269

Improper Privilege Management

CWE-281

Improper Preservation of Permissions

CWE-552

Files or Directories Accessible to External Parties

{"id": "CVE-2025-69875", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2026-02-03T18:16:17.150", "references": [{"url": "https://github.com/mertdas/QuickHealTotalSecurityPOC", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-59439/", "tags": ["Not Applicable"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-269"}, {"lang": "en", "value": "CWE-281"}, {"lang": "en", "value": "CWE-552"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be abused by a local attacker to place files in high-privilege locations, potentially leading to privilege escalation."}, {"lang": "es", "value": "Una vulnerabilidad existe en Quick Heal Total Security 23.0.0 en el componente de gesti\u00f3n de cuarentena, donde la validaci\u00f3n insuficiente de las rutas de restauraci\u00f3n y el manejo inadecuado de permisos permiten a un usuario local con pocos privilegios restaurar archivos en cuarentena en directorios del sistema protegidos. Este comportamiento puede ser abusado por un atacante local para colocar archivos en ubicaciones de alto privilegio, lo que podr\u00eda conducir a una escalada de privilegios."}], "lastModified": "2026-02-11T16:06:40.813", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:quickheal:total_security:23.0.0:*:*:*:*:-:*:*", "vulnerable": true, "matchCriteriaId": "5283246E-C892-4C9C-A22F-AB66B5172C1C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}