CNNVD-202508-2735 Information

CNNVD ID

CNNVD-202508-2735

Related CVE

CVE-2025-52095

• CNNVD Published: 2025-08-22

Description (Chinese)

PDQ Smart Deploy是美国PDQ公司的一款Windows设备映像和部署软件。 PDQ Smart Deploy 3.0.2040版本存在安全漏洞，该漏洞源于SDCommon.dll中的凭据加密例程存在缺陷，可能导致权限提升。

Description (English)

PDQ Smart Deploy is a Windows equipment image and deployment software of the United States company PDQ. There is a security loophole in PDQ Smart Deploy version 3.0.2040, which stems from deficiencies in the documented encryption routine in SDCommon.dll, which may lead to an increase in privileges.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

PDQ

Published

2025-08-22

Last Modified

2026-02-24

References

https://www.pdq.com/products/smartdeploy/ https://specterops.io/blog/2025/08/12/hklmsystemsetupsmartdeploy-the-static-keys-to-abusing-pdq-smartdeploy/ https://nvd.nist.gov/vuln/detail/CVE-2025-52095

Patch

https://smartdeploy.pdq.com/hc/en-us/articles/12982168116251-Release-Notes-and-Schedule