CVE-2025-61973

{"id": "CVE-2025-61973", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2025-61973", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "total"}], "version": "2.0.3", "timestamp": "2026-01-16T04:55:52.523863Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.0}]}, "affected": [{"source": "talos-cna@cisco.com", "affectedData": [{"vendor": "Epic Games", "product": "Epic Games Store", "versions": [{"status": "affected", "version": "14.6.2.0"}]}]}], "published": "2026-01-15T16:16:11.320", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2279", "source": "talos-cna@cisco.com"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2279", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges."}, {"lang": "es", "value": "Una vulnerabilidad de escalada de privilegios local existe durante la instalaci\u00f3n de Epic Games Store a trav\u00e9s de la Microsoft Store. Un usuario con pocos privilegios puede reemplazar un archivo DLL durante el proceso de instalaci\u00f3n, lo que puede resultar en una elevaci\u00f3n de privilegios no intencionada."}], "lastModified": "2026-06-17T09:51:09.110", "sourceIdentifier": "talos-cna@cisco.com"}