CVE-2025-32919

high-risk

Published 2025-10-09

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 (EOL).

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (20)

Checkmk

Affected Vendors

Checkmk

References (3)

Vendor Advisory https://checkmk.com/werk/18207

Exploit https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250724-01_C...

Exploit http://seclists.org/fulldisclosure/2025/Oct/6

/ 100

high-risk

Severity 24/34 · High

Exploitability 0/34 · Minimal

Exposure 30/34 · Critical