AI description
CVE-2025-49144 is a privilege escalation vulnerability found in Notepad++ version 8.8.1 and prior. It stems from the installer's insecure handling of executable search paths, which could allow an attacker to gain SYSTEM-level privileges. The vulnerability exists because the installer searches for executable dependencies in the current working directory without proper validation. An attacker could exploit this by using social engineering or clickjacking to trick a user into downloading both the legitimate Notepad++ installer and a malicious executable into the same directory (often the Downloads folder). When the user runs the installer, the malicious executable would be loaded and executed with SYSTEM privileges, granting the attacker control over the system. This issue has been addressed in Notepad++ version 8.8.2 by enforcing absolute paths for critical operations.
- Description: Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically the Downloads folder, which is known as the vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2.
- Source: security-advisories@github.com
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 7.3
- Impact score: 5.9
- Exploitability score: 1.3
- Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity: HIGH
- security-advisories@github.com: CWE-272
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 22
A critical CVE-2025-49144 vulnerability in Notepad++ v8.8.1 allows privilege escalation to SYSTEM, risking full system control through malicious binaries in installer search paths. Updating to v8.8.2 is crucial. #Security #Vulnerability #USA https://t.co/SLkYvye9eg
@TweetThreatNews
24 Jun 2025
47 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 - Notepad++ Vulnerability Allows Full System Takeover In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable paths #notepad http
@NullSecurityX
24 Jun 2025
3203 Impressions
4 Retweets
14 Likes
16 Bookmarks
0 Replies
3 Quotes
Breaking: CVE-2025-49144 Exposed! Notepad++ v8.8.1 Binary Planting Vulnerability Explained. Read the full breakdown & secure your systems: https://t.co/s4rBeoJtiC #CyberSecurity #NotepadPlusPlus #InfoSec https://t.co/jYHZkidEwf
@BaseFortify
24 Jun 2025
83 Impressions
1 Retweet
2 Likes
0 Bookmarks
1 Reply
0 Quotes
Notepad++ v8.8.1 has a privilege escalation bug (CVE-2025-49144). Attackers can get SYSTEM access via binary planting during install. Update to v8.8.2 now. #cybersecurityawareness
@junaid_nihal
24 Jun 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49144 Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer tha… https://t.co/fiTMbg6QP2
@CVEnew
23 Jun 2025
6246 Impressions
1 Retweet
16 Likes
4 Bookmarks
0 Replies
1 Quote