Elastic Defend Windows Flaw Lets Attackers Gain Admin Access

Elastic reveals a critical flaw in Defend software allowing privilege escalation; update to secure versions for protection.

By Content Team

Nov 10, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Elastic disclosed a high-severity vulnerability (CVE-2025-37735) in its Defend security software for Windows that could let attackers escalate privileges to gain admin control. The flaw affects versions up to 8.19.5 and 9.0.0 through 9.1.5, scoring 7.0 on the CVSS scale.

The bug stems from improper file permission handling in the Defend service, which runs with SYSTEM-level privileges. Attackers with local access could exploit this to delete arbitrary files and potentially gain full system control.

Elastic urges immediate upgrades to fixed versions 8.19.6, 9.1.6, or 9.2.0. Organizations unable to patch immediately should consider upgrading to Windows 11 24H2, which makes exploitation much harder.

Source: Cybersecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Conduent Data Breach Exposes Nearly 17,000 Volvo Group Employees' Personal Information

Feb 15, 2026

Critical Apache StreamPipes Flaw Lets Attackers Hijack Admin Accounts

Dec 31, 2025

Cybercriminals Selling 139GB of Stolen US Utility Engineering Data for $585K

Jan 8, 2026

Cryptocurrency Gateway Guardarian Hit by Sophisticated Supply Chain Attack

Apr 6, 2026