Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| GFI | MailEssentials | unaffected |
|
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-14685 | GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service. |
Tue, 04 Nov 2025 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 04 Nov 2025 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | GFI MailEssentials Local Privilege Escalation | GFI MailEssentials < 21.8 Local Privilege Escalation |
Sat, 10 May 2025 01:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Gfi
Gfi mailessentials |
|
| CPEs | cpe:2.3:a:gfi:mailessentials:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Gfi
Gfi mailessentials |
Mon, 28 Apr 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 28 Apr 2025 19:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | GFI MailEssentials prior to version 21.8 is vulnerable to a local privilege escalation issue. A local attacker can escalate to NT Authority/SYSTEM by sending a crafted serialized payload to a .NET Remoting Service. | |
| Title | GFI MailEssentials Local Privilege Escalation | |
| Weaknesses | CWE-502 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2025-11-19T01:26:23.590Z
Reserved: 2025-04-15T19:15:22.611Z
Link: CVE-2025-34489
Vulnrichment
Updated: 2025-04-28T18:59:36.038Z
NVD
Status : Modified
Published: 2025-04-28T19:15:46.910
Modified: 2025-11-04T23:15:36.803
Link: CVE-2025-34489
Redhat
No data.
OpenCVE Enrichment
No data.