Main Vulnerability Database Vulnerabilities #VU119897

Unquoted Search Path or Element in PDFsam Enhanced - CVE-2025-14405

Published: December 12, 2025

Vulnerability identifier: #VU119897

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-14405

CWE-ID: CWE-428

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: PDFsam

Affected software:
PDFsam Enhanced

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to unquoted search path or element within the configuration of OpenSSL. An authenticated attacker with physical access can execute arbitrary code on the system with elevated privileges.

How to mitigate CVE-2025-14405

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Sources

https://www.zerodayinitiative.com/advisories/ZDI-25-1093/

Unquoted Search Path or Element in PDFsam Enhanced - CVE-2025-14405

Detailed vulnerability description

How to mitigate CVE-2025-14405

Sources

Please verify you're human