In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:NJetbrains Resharper
APPJetbrains< 2025.2.4
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
LPE
CWE
Related vulnerabilities
CVE-2025-23385HIGH7.8ten sam produkt
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7,...
CVE-2019-16407HIGH7.3ten sam produkt
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.
CVE-2025-64457MEDIUM4.2ten sam produkt
In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race co...
CVE-2024-27198CRITICAL9.8⚠ KEVPL ✓ten sam vendor
JetBrains TeamCity — Authentication Bypass umożliwiający działania administracyjne
CVE-2023-42793CRITICAL9.8⚠ KEVten sam vendor
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible