CVE-2025-1121

MEDIUM Year: 2025
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-269
View all →

Vulnerability Description

Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially crafted recovery image.

Related Vulnerabilities

CVE-2018-4478

MEDIUM
CVSS:6.8(Medium)

A validation issue was addressed with improved logic. This issue is fixed in macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan. An attacker with physical ...

CWE-2692018

CVE-2019-3588

MEDIUM
CVSS:6.8(Medium)

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan ...

CWE-2692019

CVE-2020-15797

MEDIUM
CVSS:6.8(Medium)

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-202...

CWE-2692020

CVE-2020-5916

MEDIUM
CVSS:6.8(Medium)

In BIG-IP versions 15.1.0-15.1.0.4 and 15.0.0-15.0.1.3 the Certificate Administrator user role and higher privileged roles can perform arbitrary file reads outside of the web root directory.

CWE-2692020