{"id":"CVE-2025-26624","summary":"Local Privilege Escalation in Rufus 4.6 and previous versions","details":"Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker to load and execute a malicious DLL with escalated privileges (since the executable has been granted higher privileges at the time of launch) due to the ability to place a malicious `cfgmgr32.dll` in the same directory as the executable and have it side-loaded automatically. This is fixed in commit `74dfa49`, which will be part of version 4.7. Users are advised to upgrade as soon as version 4.7 becomes available. There are no known workarounds for this vulnerability.","aliases":["GHSA-p8p5-r296-g2jv"],"modified":"2026-04-02T12:46:35.847943Z","published":"2025-02-18T22:40:59.053Z","database_specific":{"cwe_ids":["CWE-426","CWE-427"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/26xxx/CVE-2025-26624.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/26xxx/CVE-2025-26624.json"},{"type":"ADVISORY","url":"https://github.com/pbatard/rufus/security/advisories/GHSA-p8p5-r296-g2jv"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-26624"},{"type":"FIX","url":"https://github.com/pbatard/rufus/commit/74dfa49707fd626b58d776d3400295740a29e23e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pbatard/rufus","events":[{"introduced":"0"},{"fixed":"88f023e79623c081944d5f4ea76a9f64414650c3"}]}],"versions":["v1.0.3","v1.0.4","v1.0.5","v1.0.6","v1.0.7","v1.1.0","v1.1.1","v1.1.2","v1.1.3","v1.1.4","v1.1.5","v1.1.6","v1.1.7","v1.2.0","v1.3.0","v1.3.1","v1.3.2","v1.3.3","v1.3.4","v1.4.0","v1.4.1","v1.4.10","v1.4.11","v1.4.12","v1.4.2","v1.4.3","v1.4.4","v1.4.5","v1.4.6","v1.4.7","v1.4.8","v1.4.9","v2.0","v2.1","v2.10","v2.11","v2.12","v2.13","v2.14","v2.15","v2.16","v2.17","v2.18","v2.2","v2.3","v2.4","v2.5","v2.6","v2.7","v2.8","v2.9","v3.0","v3.1","v3.10","v3.11","v3.12","v3.13","v3.14","v3.15","v3.16","v3.17","v3.18","v3.19","v3.2","v3.20","v3.21","v3.22","v3.3","v3.4","v3.5","v3.6","v3.7","v3.8","v3.9","v4.0","v4.1","v4.2","v4.3","v4.4","v4.5","v4.6"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-26624.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"}]}