CVE-2025-52915

Published: Sep 9, 2025

Modified: Sep 10, 2025

PUBLISHED

Description

K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabling unauthorized processes to perform those actions in kernel space. Successful exploitation can lead to denial of service by disrupting critical third-party services or applications.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://k7computing.com

https://support.k7computing.com/index.php?/solutions/view-article/Advisory-issued-on-2nd-Sep-2025

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-52915

Description

Affected Products

References