Cyber Resilience

CVE-2025-60865

HighPublic PoCLPE

Published: 03 February 2026

Published
03 February 2026
Modified
10 February 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 5.3th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-60865 is a high-severity Improper Access Control (CWE-284) vulnerability in Avanquest Pc Helpsoft Driver Updater. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 5.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

CVE-2025-60865 is an insecure permissions vulnerability (CWE-284) affecting Avanquest Driver Updater version 9.1.57803.1174. The flaw resides in the Driver Updater Service Windows component, which has improper access controls that enable privilege escalation. It carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.

A local attacker with low-privilege access (PR:L) can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows the attacker to escalate privileges, potentially gaining full system control on the affected Windows host.

Mitigation guidance is available in referenced advisories, including a detailed disclosure on GitHub at https://github.com/parad0x1334/CVE-Disclosures/tree/50e5d2bf33b2926db2cb14d47d392b38ac619a41/Driver%20Updater%20-%20PCHelpsoft and the vendor product page at https://www.pchelpsoft.com/products/driver-updater/. Security practitioners should review these for patching instructions or workarounds, such as restricting service permissions or upgrading the software.

EU & UK References

Vulnerability details

Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174 allows a local attacker to escalate privileges via the Driver Updater Service windows component.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Insecure service permissions (CWE-284) directly enable local privilege escalation to SYSTEM on Windows.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-48898Shared CWE-284
CVE-2026-25176Shared CWE-284
CVE-2026-48899Shared CWE-284
CVE-2026-37526Shared CWE-284
CVE-2024-56883Shared CWE-284
CVE-2026-42823Shared CWE-284
CVE-2026-0844Shared CWE-284
CVE-2026-41086Shared CWE-284
CVE-2026-35242Shared CWE-284
CVE-2026-33834Shared CWE-284

Affected Assets

avanquest
pc helpsoft driver updater
9.1.57803.1174

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Enforces least privilege on the Driver Updater Service, preventing low-privileged local attackers from exploiting insecure permissions to escalate privileges.

prevent

Requires enforcement of approved access controls on system resources like the service component, directly mitigating the improper permissions vulnerability.

preventrecover

Mandates identification, reporting, and correction of flaws such as this insecure permissions issue through patching or upgrades.

References