A critical security flaw (CVE-2025-27237) in Zabbix Agent and Agent 2 for Windows lets attackers with local access escalate privileges through DLL injection attacks. The vulnerability, scored 7.3 (High), affects versions 6.0.0-6.0.40, 7.0.0-7.0.17, 7.2.0-7.2.11, and 7.4.0-7.4.1.
The issue stems from improper handling of OpenSSL configuration files, where low-privileged users can modify the config path to inject malicious DLLs. When the agent restarts, it loads the malicious code with elevated system privileges.
Zabbix has released patches (versions 6.0.41, 7.0.18, 7.2.12, and 7.4.2) that fix the access controls. System administrators should update immediately, as no workarounds exist for this widespread enterprise monitoring solution vulnerability.
Source: Cyber Security News