CVE-2025-10541

Name: CVE-2025-10541
Creator: NVD / NIST
Published: 2025-09-25T15:16:09.27+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.8/10EPSS 0.15%

Last modified Jun 17, 2026

CVE-2025-10541 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. iMonitor EAM 9.6394 installs a system service (eamusbsrv64.exe) that runs with NT AUTHORITY\SYSTEM privileges. This service includes an insecure update mechanism that automatically loads files placed in the C:\sysupdate\ directory during startup. EPSS estimates a 0.15% chance of exploitation in the next 30 days.

Description

iMonitor EAM 9.6394 installs a system service (eamusbsrv64.exe) that runs with NT AUTHORITY\SYSTEM privileges. This service includes an insecure update mechanism that automatically loads files placed in the C:\sysupdate\ directory during startup. Because any local user can create and write to this directory, an attacker can place malicious DLLs or executables in it. Upon service restart, the files are moved to the application’s installation path and executed with SYSTEM privileges, leading to privilege escalation.

Metrics

CVSS 3.1

7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.15%

4.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-732

References

Timeline

Published: Sep 25, 2025
Last Modified: Jun 17, 2026
Status: Deferred

Frequently Asked Questions

What is CVE-2025-10541?

How severe is CVE-2025-10541?

CVE-2025-10541 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.15% probability of exploitation in the next 30 days.

How do I fix CVE-2025-10541?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-10541?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST