CVE-2025-3773
June 26, 2025, 6:57 p.m.
0.0
No Score
Description
A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder.
Product(s) Impacted
| Vendor | Product | Versions |
|---|---|---|
| Trellix |
|
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
CWE-530
Exposure of Backup File to an Unauthorized Control Sphere
A backup file is stored in a directory or archive that is made accessible to unauthorized actors.
*CPE(s)
Affected systems and software identified for this CVE.
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| a | trellix | system_information_reporter | / | / | / | / | / | / | / | / |
Tags
Timeline
Published: June 26, 2025, 12:15 p.m.
Last Modified: June 26, 2025, 6:57 p.m.
Last Modified: June 26, 2025, 6:57 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
trellixpsirt@trellix.com
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.