CVE-2025-61156

Published October 29th, 2025

View on NVD ↗

CVSS v3

7.8

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Incorrect access control in the kernel driver of ThreatFire System Monitor v4.7.0.53 allows attackers to escalate privileges and execute arbitrary commands via an insecure IOCTL.

D7EAD/CVE-2025-61156

Disclosure for CVE-2025-61156, an insecure access control, kernel-mode vulnerability found in ThreatFire System Monitor abused in the wild for BYOVD and EDR evasion.

GitHub