CVE-2025-1055

Published Jun 11, 2025

Last updated 2 months ago

CVSS medium 5.6
K7 Security Anti-Malware

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-1055 affects the K7RKScan.sys driver, a component of the K7 Security Anti-Malware suite. The vulnerability allows a local, low-privilege user to send specific IOCTL requests that can terminate a wide range of processes. These processes can run with administrative or system-level privileges, excluding those protected by the operating system. This vulnerability arises from a lack of access control in the driver's IOCTL handler. This allows users without sufficient privileges to perform actions that should be restricted to the kernel space. Successful exploitation of this flaw can lead to a denial-of-service state by disrupting critical services or privileged applications.

Description
A vulnerability in the K7RKScan.sys driver, part of the K7 Security Anti-Malware suite, allows a local low-privilege user to send crafted IOCTL requests to terminate a wide range of processes running with administrative or system-level privileges, with the exception of those inherently protected by the operating system. This flaw stems from missing access control in the driver's IOCTL handler, enabling unprivileged users to perform privileged actions in kernel space. Successful exploitation can lead to denial of service by disrupting critical services or privileged applications.
Source
41c37e40-543d-43a2-b660-2fee83ea851a
NVD status
Deferred

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.6
Impact score
4
Exploitability score
1.1
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
Severity
MEDIUM

Weaknesses

41c37e40-543d-43a2-b660-2fee83ea851a
CWE-862

Social media

Hype score
Not currently trending

  1. 🚨 GÜVENLİK BÜLTENİ: DragonForce Fidye Yazılımı MS Teams Altyapısını Arka Kapı Olarak Kullanıyor (CVE-2023-52271 / CVE-2025-61155 / CVE-2025-1055) Merhaba #Brolyz Fidye yazılımı gruplarının savunma atlatma tekniklerinde kritik bir gelişme raporlandı. Symant

    @rahmid3mir

    16 Jun 2026

    82 Impressions

    0 Retweets

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Confirmed: the two drivers with CVE-2025-52915 CVE-2025-1055 is still available on latest Win11 at present. https://t.co/XTToARjtmt

    @anylink20240604

    14 Sept 2025

    9365 Impressions

    15 Retweets

    115 Likes

    55 Bookmarks

    1 Reply

    0 Quotes

Related CVEs

  1. K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabling unauthorized processes to perform those actions in kernel space. Successful exploitation can lead to denial of service by disrupting critical third-party services or applications.CVE-2025-52915

References

Sources include official advisories and independent security research.