{"id":"CVE-2025-69689","details":"The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges.","modified":"2026-07-08T08:12:20.292426905Z","published":"2026-04-27T00:00:00Z","database_specific":{"cna_assigner":"mitre","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/69xxx/CVE-2025-69689.json"},"references":[{"type":"WEB","url":"https://getfancontrol.com"},{"type":"WEB","url":"https://gist.github.com/ahrixia/7c89bb3f1af6e85aeedde5ddb557a529"},{"type":"WEB","url":"https://github.com/Rem0o/FanControl.Releases/releases/tag/V251"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/69xxx/CVE-2025-69689.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-69689"},{"type":"PACKAGE","url":"https://github.com/Rem0o/FanControl.Releases"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rem0o/fancontrol.releases","events":[{"introduced":"0"},{"fixed":"093ae0085ed8fe051f12e3c287e0927e6b819a7a"}],"database_specific":{"source":"REFERENCES"}}],"versions":["V250","V249","V248","V247","V246","V245","V244","V243","V242","V241","V240","V239","V238","V237","V236","V235","V234","V233","V232","V231","V230","V229","V228","V227","V226","V225","V224","V223","V222","V221","V220","V219","V218","V217","V216","V215","V214","V213","V212","V211","V210","V209","V208","V207","V206","V205","V204","V203","V202","V201","V200","V199","V198","V197","V196","V195","V194","V193","V192","V191","V190","V189","V188","V187","V186","V185","V184","V183","V182","V181","V180","V179","V178","V177","V176","V175","V174","V173","V172","V171","V170","V169","V168","V167","V166","V165","V164","V163","V162","V161","V160","V159","V158","V157","V156","V155","V154","V153","V152","V150","V147","V146","V143","V142","V140","V138","V137","V136","V134","V131","V129","V128","V127","V122","V121","V120","V119","V118","V117","V116","V115","V114","V113","V112","V111","V110","V105","V103","V102","V101","V100","V99","V98","V97","V96","V95","V94","V93","V92.1","V92","V91","V90","V89","V87","V86","V85","V84","V83","V82","V81","V80","V79","V78","V77","V76","V74","V72","V71","V70","V69","V68","V67","V65","V64","V63","V62","V61","V60","V59","V58","V57","V56","V55","V54","V53","V52","V51","V50","V49","V48","V47","V46","V45","V44","V43","V42","V41","V40","V38","V37","V36","V35","V34","V33","V32","V31"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-69689.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}