CVE-2025-67791
17.12.2025, 22:15
An issue was discovered in DriveLock 24.1 through 24.1.*, 24.2 through 24.2.*, and 25.1 through 25.1.*. An incomplete configuration (agent authentication) in DriveLock tenant allows attackers to impersonate any DriveLock agent on the network against the DES (DriveLock Enterprise Service).Enginsight
| Vendor | Product | Version |
|---|---|---|
| drivelock | drivelock | 24.1 ≤ 𝑥 ≤ 24.1.4 |
| drivelock | drivelock | 24.2 ≤ 𝑥 ≤ 24.2.8 |
| drivelock | drivelock | 25.1 ≤ 𝑥 ≤ 25.1.6 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
Vulnerability Media Exposure