Description

EfficientLab Controlio before v1.3.95 contains a DLL hijacking vulnerability caused by weak folder permissions in the installation directory. A local attacker can place a specially crafted DLL in this directory and achieve arbitrary code execution with highest privileges, because the affected service runs as NT AUTHORITY\SYSTEM.

INFO

Published Date :

2026-04-23T06:57:27.220Z

Last Modified :

2026-04-23T06:57:27.220Z

Source :

SEC-VLab
AFFECTED PRODUCTS

The following products are affected by CVE-2025-10549 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-10549.

URL Resource
https://kb.controlio.net/hc/en-us/articles/45777908471185-Client-Update-April-15-2026-ver-1-3-95 cve-icon cve-icon
https://r.sec-consult.com/controlio cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System