CVE-2025-11535
MongoDB Connector for BI installation MSI leave ACLs unset on custom installation directories
MongoDB Connector for BI installation via MSI on Windows leaves ACLs unset on custom install directories allows Privilege Escalation.This issue affects MongoDB Connector for BI: from 2.0.0 through 2.14.24.
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected products
MongoDB Inc · MongoDB Connector for BIWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →