CVE-2025-7427

Uncontrolled Search Path Element in Arm Development Studio before 2025may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrary code execution in the context of the user running Arm Development Studio.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
ArmCNA
---
---
CISA-ADPADP
5.9 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
VendorProductVersion
armarm_development_studio
𝑥
< 2025.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://developer.arm.com/documentation/110691