Skip to content
K>Kaluche
  • Research
  • CVEs
  • Search
  • About
discoveredantivirus tamperingarbitrary registry modificationLPE to SYSTEM

CVE-2025-67826

K7 named pipe registry manipulation and privilege escalation

K7 Ultimate Security 17.0.2045 exposed a privileged named-pipe operation that allowed a local unprivileged user to edit arbitrary registry keys and escalate to SYSTEM; K7 lists 17.0.2057 with K7Sentry.sys 22.0.0.74 as the minimum fixed version.

Vendor
K7 Computing
Product
K7 Ultimate Security
Component
K7TSMngrService1 named pipe / K7TSMngr.exe
Disclosure
Dec 02, 2025
Bug class
insecure named pipe access, insufficient client validation
Severity
Not scored
writeupadvisory

© 2026 Kaluche · CC BY-NC 4.0

GitHubTwitterRSS