CRITICAL🇵🇱 Wersja polska

CVE-2025-69599

CVSS 9.8pub. 2026-05-08upd. 2026-05-11

RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to control the environment is a site-specific misconfiguration.

🤖 AI Analysis
How it works

The RayVentory Scan Engine application during operation references external executable files or libraries using the PATH environment variable without validation or sanitization. If an attacker has the ability to modify the PATH variable (e.g., through access to the account running the service), they can substitute a malicious executable file with the same name as the one called by the application. When the application is launched, the malicious file will be executed with the privileges of the RayVentory Scan Engine process.

Impact

An attacker can gain elevated privileges in the operating system, which may consequently lead to complete system takeover, data disclosure, or data modification.

Mitigation & patch

RayVentory Scan Engine should be updated to the version indicated by the vendor as secure (see: https://support.raynet.de/hc/en-us/articles/19518792826132-RVY200865-RayVentory-12-6). Additionally, it is recommended to ensure that no unprivileged user has the ability to modify the PATH environment variable for processes running the service. The system service should be launched with the minimum necessary privileges and with a strictly defined, secure runtime environment.

Who is affected

RayVentory Scan Engine in versions up to and including 12.6 Update 8

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References