iMonitorSoft EAM: CVE-2025-10540/1/2 - Unencrypted Comm, LPE via DLL Injection, Default Creds

Critical Vulnerability Information Vulnerability Overview CVE IDs: CVE-2025-10540, CVE-2025-10541, CVE-2025-10542 Impact: High Fixed Version: No specific fixed version provided; recommend contacting the vendor for the latest version Vulnerability Details 1. Unencrypted and Unauthenticated Communication (CVE-2025-10540) - Description: iMonitorSoft EAM management software communicates with agents via HTTP protocol, but the communication data is neither encrypted nor authenticated, resulting in sensitive information (such as commands and parameters) being transmitted in plaintext. - Risk: Attackers can eavesdrop on network traffic and tamper with commands sent from the console to the agent. 2. Local Privilege Escalation (CVE-2025-10541) - Description: The agent service runs with SYSTEM privileges; attackers can exploit specific DLL injection techniques to escalate privileges. - Risk: Attackers can execute arbitrary code on the target system and gain full control over the system. 3. Insecure Default Credentials (CVE-2025-10542) - Description: The software console uses default username and password (admin/admin), and these cannot be changed. - Risk: Attackers can exploit these default credentials to access the console and subsequently take control of the entire system. Tested Versions Vulnerable versions tested: No specific version number provided; recommend verifying if your current version is up to date. Vendor Communication Timeline July 3, 2023: Vulnerabilities discovered and reported to vendor July 22, 2023: Vendor acknowledged the issues and began remediation September 2, 2023: Vendor released a patch Mitigation Recommend contacting the vendor to obtain the latest version or patch. Bypass Methods No bypass methods currently known; recommend updating to the latest version as soon as possible. Vendor Advisory URL https://www.imonitorsoft.com/vulnerability.html

Goal Reached Thanks to every supporter — we hit 100%!

iMonitorSoft EAM: CVE-2025-10540/1/2 - Unencrypted Comm, LPE via DLL Injection, Default Creds