conda-forge openssl-feedstock before 066e83c (2024-05-20), on Microsoft Windows, configures OpenSSL to use an OPENSSLDIR file path that can be written to by non-privilged local users. By writing a specially crafted openssl.cnf file in OPENSSLDIR, a non-privileged local user can execute arbitrary code with the privileges of the user or process loading openssl-feedstock DLLs. Miniforge before 24.5.0 is also affected.
CVE ID: CVE-2025-35471
CVSS Base Severity: HIGH
CVSS Base Score: 7.3
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vendor: conda-forge
Product: miniforge, openssl-feedstock
EPSS Score: 0.01% (probability of being exploited)
EPSS Percentile: 1.56% (scored less or equal to compared to others)
EPSS Date: 2025-06-06 (when was this score calculated)