D7EAD/CVE-2025-61156

Disclosure for CVE-2025-61156, a kernel-mode insecure access control vulnerability found in ThreatFire System Monitor that has been abused in the wild for BYOVD and EDR evasion.

CVE History

CVE | Published | CVSS v3 | CVSS v2
7.8 HIGH

Incorrect access control in the kernel driver of ThreatFire System Monitor v4.7.0.53 allows attackers to escalate privileges and execute arbitrary commands via an insecure IOCTL.