CVE-2018-25359— Splinterware System Scheduler Pro 5.12 Privilege Escalation

CVSS 8.4 · High EPSS 0.16% · P5 Updated May 26, 2026

Possible ATT&CK Techniques 1AI

T1068 · Exploitation for Privilege Escalation

Affected Version Matrix 1

Vendor	Product	Version Range	Status
Splinterware	Splinterware System Scheduler Pro	`5.12`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-25359

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Splinterware System Scheduler Pro 5.12 Privilege Escalation

Source: NVD (National Vulnerability Database)

Vulnerability Description

Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious executable that executes with LocalSystem privileges when the service is triggered.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

缺省权限不正确

Source: NVD (National Vulnerability Database)

Vulnerability Title

Splinterware System Scheduler Pro 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Splinterware System Scheduler Pro是Splinterware公司的一款任务计划管理软件。 Splinterware System Scheduler Pro 5.12版本存在安全漏洞，该漏洞源于不安全的文件权限，可能导致低权限用户通过修改服务可执行文件来提升权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Splinterware	Splinterware System Scheduler Pro	5.12	-

II. Public POCs for CVE-2018-25359

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-25359

请登录查看更多情报信息。

IV. Related Vulnerabilities

Same vendor: Splinterware

CVE-2021-47824
iDailyDiary 4.30 - Denial of Service (PoC)

Same weakness: CWE-276

V. Comments for CVE-2018-25359

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-25359— Splinterware System Scheduler Pro 5.12 Privilege Escalation

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

I. Basic Information for CVE-2018-25359

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-25359

III. Intelligence Information for CVE-2018-25359

Vendor Advisories for CVE-2018-25359 (1)

Exploits & Public PoCs for CVE-2018-25359 (1)

Vendor Pages for CVE-2018-25359 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2018-25359

Leave a comment