Description

A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 (EC2007 Kernel v5.22). The flaw is a Time-of-Check Time-of-Use (TOCTOU) race condition in the license management logic. The regService process, which runs with SYSTEM privileges, creates a fixed directory and writes files without verifying whether the path is an NTFS reparse point. By exploiting this race condition, an attacker can replace the target directory with a junction pointing to a user-controlled path. This causes the SYSTEM-level process to drop binaries in a location fully controlled by the attacker, allowing arbitrary code execution with SYSTEM privileges. The vulnerability can be exploited by any standard user with only a single UAC confirmation, making it highly practical and dangerous in real-world environments.

INFO

Published Date :

2025-12-31T00:00:00.000Z

Last Modified :

2026-01-02T18:05:57.530Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-61037 vulnerability.

Vendors Products
Sevencs
  • Ec2007 Kernel
  • Orca G2
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-61037.

URL Resource
https://gist.github.com/jc0818/233462416579661e4e2795f96457a6bf cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact