CVE-2025-34489

GFI MailEssentials < 21.8 Local Privilege Escalation

CVSS 7.8 HIGHEPSS 0.3%CWE-502

In short

GFI MailEssentials before version 21.8 has a flaw that lets someone already on the computer gain full administrator access by sending a specially crafted message to a service. This is dangerous because it allows attackers to take complete control of the system.

Technical detail

A local privilege escalation vulnerability exists in GFI MailEssentials < 21.8 via unsafe deserialization of .NET Remoting payloads. An attacker with local access can send a malicious serialized object to the vulnerable service to achieve NT Authority/SYSTEM level execution. The attack requires local system access but bypasses normal permission restrictions.

Summary generated and translated by AI from the official description.

GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

GFI · MailEssentials

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://frycos.github.io/vulns4free/2025/04/28/mailessentials.html https://gfi.ai/products-and-solutions/network-security-solutions/mailessentials/resources/documentation/product-releases https://www.vulncheck.com/advisories/gfi-mailessentials-local-privilege-escalation