CVE-2025-60865
Published: 03 February 2026
Summary
CVE-2025-60865 is a high-severity Improper Access Control (CWE-284) vulnerability in Avanquest Pc Helpsoft Driver Updater. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 3.0th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) (AI)
- Enforces least privilege on the Driver Updater Service, preventing low-privileged local attackers from exploiting insecure permissions to escalate privileges.
- Requires enforcement of approved access controls on system resources like the service component, directly mitigating the improper permissions vulnerability.
- Mandates identification, reporting, and correction of flaws such as this insecure permissions issue through patching or upgrades.
MITRE ATT&CK Enterprise Techniques (AI)
Why these techniques?
Insecure service permissions (CWE-284) directly enable local privilege escalation to SYSTEM on Windows.
NVD Description
Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 allows a local attacker to escalate privileges via the Driver Updater Service windows component.
Deeper analysis (AI)
CVE-2025-60865 is an insecure permissions vulnerability (CWE-284) affecting Avanquest Driver Updater version 9.1.57803.1174. The flaw resides in the Driver Updater Service Windows component, which has improper access controls that enable privilege escalation. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.
A local attacker with low-privilege access (PR:L) can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows the attacker to escalate privileges, potentially gaining full system control on the affected Windows host.
Mitigation guidance is available in referenced advisories, including a detailed disclosure on GitHub at https://github.com/parad0x1334/CVE-Disclosures/tree/50e5d2bf33b2926db2cb14d47d392b38ac619a41/Driver%20Updater%20-%20PCHelpsoft and the vendor product page at https://www.pchelpsoft.com/products/driver-updater/. Security practitioners should review these for patching instructions or workarounds, such as restricting service permissions or upgrading the software.