CVE-2025-5496: Fix for Arbitrary File Deletion in dcconfig.exe

Severity: Low | Attack Vector: Local | Release Date: 09-May-2025

Summary

This document describes the security update for a vulnerability identified in the agent binary dcconfig.exe within Endpoint Central. This issue may allow an attacker to escalate local privileges to SYSTEM.

Reported By

Chris Au via the ManageEngine Bug Bounty Program

Technical Details

Problem: Privileged file deletion performed by the agent during policy refresh in dcconfig.exe can be exploited to gain SYSTEM-level access.

Fix Builds:

  • 11.4.2518.01
  • 11.4.2508.14
  • 11.4.2516.06

How to Apply the Fix

  1. Log in to your Endpoint Central product console.
  2. Click on your current build number (top-right corner).
  3. Download and install the latest applicable Patch/PPM update.

Note: This update is applicable to both On-Premises and Cloud versions.

Need Help?

If you have any questions or require assistance, please contact our support team.