Cyber Resilience

CVE-2025-68921

High

Published: 16 January 2026

Published
16 January 2026
Modified
23 January 2026
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0005 15.0th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-68921 is a high-severity Path Traversal (CWE-22) vulnerability in Steelseries Nahimic. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked at the 15.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-68921 is a directory traversal vulnerability (CWE-22) in SteelSeries Nahimic 3 version 1.10.7. This flaw affects the audio software component provided by SteelSeries, with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), classifying it as high severity due to its potential for significant impact on system confidentiality, integrity, and availability.

The vulnerability can be exploited by a local attacker who has low privileges on the target system. Exploitation requires low attack complexity and no user interaction, allowing the attacker to traverse directories and potentially access or manipulate files outside the intended scope, leading to high-impact outcomes across confidentiality, integrity, and availability as scored by CVSS.

Mitigation guidance and additional details are available in the referenced advisories, including a technical gist at https://gist.github.com/ZeroMemoryEx/93208b7e57a5444de3654816857ddef4 and SteelSeries resources at https://steelseries.com/nahimic and https://steelseries.gg. The CVE was published on 2026-01-16T15:15:53.750.

EU & UK References

Vulnerability details

SteelSeries Nahimic 3 1.10.7 allows Directory traversal.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Why these techniques?

Local directory traversal directly enables arbitrary file read/write access on the local system, facilitating data collection from local files outside intended directories.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-44307Shared CWE-22
CVE-2026-39369Shared CWE-22
CVE-2025-13801Shared CWE-22
CVE-2026-42600Shared CWE-22
CVE-2025-54794Shared CWE-22
CVE-2026-41205Shared CWE-22
CVE-2026-41419Shared CWE-22
CVE-2025-45691Shared CWE-22
CVE-2026-7182Shared CWE-22
CVE-2025-24605Shared CWE-22

Affected Assets

steelseries
nahimic
≤ 1.10.4

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents directory traversal exploitation by validating file path inputs to reject traversal sequences like '../'.

prevent

Enforces approved access authorizations on file system resources, blocking unauthorized access or manipulation outside intended directories despite traversal attempts.

prevent

Limits damage from low-privilege local exploitation by restricting the Nahimic process to only necessary privileges, reducing impact on confidentiality, integrity, and availability.

References