CVE-2025-0707
Published: 24 January 2025
Summary
CVE-2025-0707 is a high-severity Untrusted Search Path (CWE-426) vulnerability. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique DLL Search Order Hijacking (T1038). The CVE ranks at the 21.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Directly mitigates the untrusted search path vulnerability in CRYPTBASE.dll by requiring timely flaw remediation through patching the affected Startup component.
- Enforces secure configuration settings to restrict DLL search paths to trusted directories, preventing loading of malicious DLLs from untrusted locations.
- Verifies the integrity and authenticity of software components like CRYPTBASE.dll, blocking or detecting substitution of malicious DLLs via untrusted search paths.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The untrusted search path (CWE-426) in the CRYPTBASE.dll library of the Startup component directly enables DLL Search Order Hijacking (T1038) for code execution.
NVD Description
A vulnerability was found in Rise Group Rise Mode Temp CPU 2.1. It has been classified as critical. This affects an unknown part in the library CRYPTBASE.dll of the component Startup. The manipulation leads to untrusted search path. The attack needs to be approached locally.
Deeper analysis
CVE-2025-0707 is a critical vulnerability discovered in Rise Group Rise Mode Temp CPU version 2.1, specifically affecting an unknown part of the CRYPTBASE.dll library within the Startup component. Published on January 24, 2025, the issue stems from an untrusted search path flaw, classified under CWE-426, with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Exploitation requires local access with low privileges and involves low-complexity manipulation of the untrusted search path, needing no user interaction. A successful attack can result in high impacts to confidentiality, integrity, and availability, potentially allowing the attacker to execute arbitrary code or gain significant control over the affected system.
Advisories published by VulDB provide further details on the vulnerability, including submission and identification records. Security practitioners should consult the following references for mitigation guidance and updates: https://vuldb.com/?ctiid.293235, https://vuldb.com/?id.293235, and https://vuldb.com/?submit.481088.
Details
- CWE(s)