CVE-2025-5494 Privilege Escalation Vulnerability

This document addresses the specific challenges associated with the privilege escalation vulnerability in Endpoint Central agent.

CVE: CVE-2025-5494
Severity: Low
Attack Vector: Local
Fixed build: For versions 11.4.2500.25 or below, upgrade to version 11.4.2500.26
For versions 11.4.2508.13 or below, upgrade to version 11.4.2508.14
Fix release date: 24-Apr-2025
Reported by: Chris Au via ZohoCorp Bug bounty program

What was the problem?

Privileged file deletion performed by Endpoint Central agent during patch scan can be exploited to elevate privileges to SYSTEM.

How to fix it?

Upgrading to the latest version is strongly advised due to this vulnerability's severity. To upgrade, follow the below steps:

1. Login to the Endpoint Central console, and click on your current build number in the top right corner.
2. You'll be able to find the latest build applicable to you. Download the PPM and update.

For any further questions or concerns on this, please write to our support team.