SpyShelter up to 15.4.0.1015 IOCTL SpyShelter.sys denial of service
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.2 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, was found in SpyShelter up to 15.4.0.1015. Affected by this vulnerability is an unknown functionality in the library SpyShelter.sys of the component IOCTL Handler. Such manipulation leads to denial of service. This vulnerability is documented as CVE-2025-10475. The attack needs to be performed locally. Additionally, an exploit exists. You should upgrade the affected component.
Details
A vulnerability was found in SpyShelter up to 15.4.0.1015 and classified as problematic. Affected by this issue is some unknown functionality in the library SpyShelter.sys of the component IOCTL Handler. The manipulation with an unknown input leads to a denial of service vulnerability. Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. Impacted is availability.
The advisory is available at yuque.com. This vulnerability is handled as CVE-2025-10475. The exploitation is known to be easy. Local access is required to approach this attack. Technical details as well as a public exploit are known.
The exploit is available at yuque.com. It is declared as proof-of-concept.
Upgrading to version 15.4.0.1028 eliminates this vulnerability.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Product
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔒VulDB Reliability: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Vector: 🔒
CVSSv3
VulDB Meta Base Score: 5.5VulDB Meta Temp Score: 5.2
VulDB Base Score: 5.5
VulDB Temp Score: 5.0
VulDB Vector: 🔒
VulDB Reliability: 🔍
CNA Base Score: 5.5
CNA Vector: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Exploiting
Class: Denial of serviceCWE: CWE-404
CAPEC: 🔒
ATT&CK: 🔒
Physical: Partially
Local: Yes
Remote: No
Availability: 🔒
Access: Public
Status: Proof-of-Concept
Download: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Price Prediction: 🔍
Current Price Estimation: 🔒
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔒
Upgrade: SpyShelter 15.4.0.1028
Timeline
09/15/2025 Advisory disclosed09/15/2025 VulDB entry created
09/15/2025 VulDB entry last update
Sources
Advisory: yuque.comStatus: Confirmed
Confirmation: 🔒
CVE: CVE-2025-10475 (🔒)
GCVE (CVE): GCVE-0-2025-10475
GCVE (VulDB): GCVE-100-323906
scip Labs: https://www.scip.ch/en/?labs.20161013
Entry
Created: 09/15/2025 15:53Updated: 09/15/2025 23:38
Changes: 09/15/2025 15:53 (57), 09/15/2025 23:38 (30)
Complete: 🔍
Submitter: Evan_xuan
Cache ID: 216::103
Submit
Accepted
- Submit #648484: SpyShelter <=15.4.0.1012 Local Privilege Escalation (by Evan_xuan)
If you want to get best quality of vulnerability data, you may have to visit VulDB.
No comments yet. Languages: en.
Please log in to comment.