CVE-2025-40979

Published: Sep 10, 2025

Modified: Sep 10, 2025

PUBLISHED

Description

DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users<user>\AppData\Local\Temp' directory, which could lead to arbitrary code execution and persistence. This vulnerability is only replicable in versions of Windows 11 and does not affect earlier versions.

Vendor	Product	Versions
Grandstream Networks	Wave	affected `0 - < 1.27.11`

Weaknesses (CWE)

CWE-427

References

https://www.incibe.es/en/incibe-cert/notices/aviso/dll-search-order-hijack-wave-grandstream-networks

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-40979

Description

Affected Products

Weaknesses (CWE)

References