{"id":85614,"date":"2025-11-05T14:59:15","date_gmt":"2025-11-05T14:59:15","guid":{"rendered":""},"modified":"2025-11-11T11:04:12","modified_gmt":"2025-11-11T17:04:12","slug":"cve-2025-10199-local-privilege-escalation-vulnerability-in-sunshine-for-windows","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-10199-local-privilege-escalation-vulnerability-in-sunshine-for-windows\/","title":{"rendered":"<strong>CVE-2025-10199: Local Privilege Escalation Vulnerability in Sunshine for Windows<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>The vulnerability known as CVE-2025-10199 is a local privilege escalation flaw detected in Sunshine for Windows. This vulnerability could potentially affect any business or individual using this software, particularly if they are running version v2025.122.141614 or prior. The risk lies in the unquoted service path, rendering the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49668-heap-based-buffer-overflow-in-windows-rras-resulting-in-potential-system-compromise\/\"  data-wpil-monitor-id=\"92446\">system susceptible to compromise and potential<\/a> data leakage.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-10199<br \/>\nSeverity: High (7.8 CVSS score)<br \/>\nAttack Vector: Local<br \/>\nPrivileges Required: Low<br \/>\nUser Interaction: Required<br \/>\nImpact: Potential system compromise or data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p><div id=\"ameeb-97247880\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 700px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 20px; font-weight: 600; display: flex; align-items: center;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 8px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 40px; height: 40px;\" \/>\r\n    <\/a>\r\n    A new way to communicate\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 12px;\">\r\n    Ameeba Chat is built on encrypted identity, not personal profiles.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 16px;\">\r\n    Message, call, share files, and coordinate with identities kept separate.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 20px;\">\r\n    <li>\u2022 Encrypted identity<\/li>\r\n    <li>\u2022 Ameeba Chat authenticates access<\/li>\r\n    <li>\u2022 Aliases and categories<\/li>\r\n    <li>\u2022 End-to-end encrypted chat, calls, and files<\/li>\r\n    <li>\u2022 Secure notes for sensitive information<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px;\">\r\n    Private communication, rethought.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Download Ameeba Chat<\/a>\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Learn More<\/a>\r\n  <\/div>\r\n<\/div>\r\n<\/div>\n<p>Product | Affected Versions<\/p>\n<p>Sunshine for Windows | v2025.122.141614 and prior versions<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The CVE-2025-10199 <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-52811-path-traversal-vulnerability-in-davenport-wordpress-theme\/\"  data-wpil-monitor-id=\"92378\">vulnerability arises from an unquoted service path<\/a> in Sunshine for Windows. This oversight means that if a local attacker can insert an executable file in the service path, the system could potentially execute it. This execution could result in the escalation of privileges, giving the attacker the ability to compromise the system or cause data leakage.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p><div id=\"ameeb-1552066723\" class=\"ameeb-content ameeb-entity-placement\"><div class=\"poptin-embedded\" data-id=\"f6b387694f681\"><\/div>\r\n\r\n\r\n\r\n\r\n\r\n<\/div>\n<p>The following is a conceptual example of how this vulnerability might be exploited:<\/p>\n<pre><code class=\"\" data-line=\"\"># Attacker places malicious executable in service path\necho &#039;malicious_code&#039; &gt; C:\\\\Program Files\\\\Sunshine\\\\malicious.exe\n# Service executes malicious code on startup, escalating privileges\nsc start SunshineService<\/code><\/pre>\n<p>Please note that this is a conceptual example and not an actual exploit code. The actual process of exploiting this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-2945-critical-remote-code-execution-vulnerability-in-pgadmin-4\/\"  data-wpil-monitor-id=\"92517\">vulnerability would likely involve more sophisticated techniques and malicious code<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview The vulnerability known as CVE-2025-10199 is a local privilege escalation flaw detected in Sunshine for Windows. This vulnerability could potentially affect any business or individual using this software, particularly if they are running version v2025.122.141614 or prior. The risk lies in the unquoted service path, rendering the system susceptible to compromise and potential data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[82],"product":[],"attack_vector":[76],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-85614","post","type-post","status-publish","format-standard","hentry","category-uncategorized","vendor-microsoft","attack_vector-privilege-escalation"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/85614","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=85614"}],"version-history":[{"count":3,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/85614\/revisions"}],"predecessor-version":[{"id":85802,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/85614\/revisions\/85802"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=85614"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=85614"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=85614"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=85614"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=85614"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=85614"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=85614"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=85614"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=85614"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}