cvedb.io
CVE-2025-35978
HIGH · CVSS 7.1
EPSS exploitation probability: 0%
Published 2025-06-12T06:15:23.207 · Last modified 2026-06-17T09:14:19.910

Summary

Improper restriction of communication channel to intended endpoints issue exists in UpdateNavi V1.4 L10 to L33 and UpdateNaviInstallService Service 1.2.0091 to 1.2.0125. If a local authenticated attacker send malicious data, an arbitrary registry value may be modified or arbitrary code may be executed.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.