cve/2025/CVE-2025-3771.md
2025-09-29 21:09:30 +02:00

### [CVE-2025-3771](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3771)
![](https://img.shields.io/static/v1?label=Product&message=System%20Information%20Reporter&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.0.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-59%20Improper%20Link%20Resolution%20Before%20File%20Access%20('Link%20Following')&color=brightgreen)
### Description
A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authenticated non-admin local user to overwrite system files with SIR backup files, which can potentially cause a system crash. This was achieved by adding a malicious entry to the registry under the Trellix SIR registry folder or via policy or with a junction symbolic link to files that the user would not normally have permission to access.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds