CVE-2025-0567

CVSS 3.1 Score 4.5 of 10 (medium)

Details

Published Jan 19, 2025

CWE ID 426

Summary

CVE-2025-0567 is a newly identified vulnerability affecting Epic Games Launcher up to version 17.2.1. The issue lies within the untrusted search path in the profapi.dll library of the Installer component. An attacker must have local access to exploit this flaw, which is classified as having a rather high complexity. Successfully exploiting this vulnerability is considered difficult, but if achieved, it could pose a significant risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2kx_sA
https://www.cve.org/CVERecord?id=CVE-2025-0567
https://nvd.nist.gov/vuln/detail/CVE-2025-0567

Back to Vulnerability Database

CVE-2025-0567

CVSS 3.1 Score 4.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations