Zabbix Agent/2 LPE via Writable OpenSSL Config on Windows
CVE-2025-27237 Published on October 3, 2025
DLL injection in Zabbix Agent and Agent 2 via OpenSSL configuration
In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.
Weakness Type
What is a DLL preloading Vulnerability?
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
CVE-2025-27237 has been classified to as a DLL preloading vulnerability or weakness.
Products Associated with CVE-2025-27237
Want to know whenever a new CVE is published for Zabbix? stack.watch will email you.
Affected Versions
Zabbix:- Version 6.0.0, <= 6.0.40 is affected.
- Version 7.0.0, <= 7.0.17 is affected.
- Version 7.2.0, <= 7.2.11 is affected.
- Version 7.4.0, <= 7.4.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.