CNNVD-202510-1115 Information
CNNVD ID
CNNVD-202510-1115
Related CVE
- CNNVD Published: 2025-10-08
Description (Chinese)
CCleaner和CCleaner Cloud都是英国CCleaner公司的产品。CCleaner是一款系统清理与优化软件。CCleaner Cloud是一款云端系统清理与优化软件。 CCleaner v5.33.6162版本和CCleaner Cloud v1.07.3191版本存在安全漏洞,该漏洞源于恶意预入口点加载器执行内存有效载荷,可能导致远程数据收集和渗漏。
Description (English)
CCleaner and CCleaner Cloud are products of CCleaner, the United Kingdom. CCleaner is a system clean-up and optimization software. CCleaner Cloud is a cloud system clean-up and optimization software. There is a security loophole in version CCleaner v.5.33.6162 and version CCleaner Cloud v1.07.3191, which results from the malicious pre-entry point loader implementation memory payload, which may lead to remote data collection and leakage.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
CCleaner
Published
2025-10-08
Last Modified
2026-02-24
References
https://blog.avast.com/progress-on-ccleaner-investigation https://blog.avast.com/update-to-the-ccleaner-5.33.6162-security-incident https://blog.talosintelligence.com/avast-distributes-malware/ https://www.ccleaner.com/ https://www.ccleaner.com/knowledge/security-notification-ccleaner-v5336162-ccleaner-cloud-v1073191 https://www.crowdstrike.com/en-us/blog/protecting-software-supply-chain-deep-insights-ccleaner-backdoor/ https://www.morphisec.com/blog/morphisec-discovers-ccleaner-backdoor/ https://www.vulncheck.com/advisories/ccleaner-and-ccleaner-cloud-malicious-backdoor-supply-chain-compromise
Share on: