CVE-2025-0567: Epic Games Launcher Installer profapi.dll untrusted search path
First published: Sun Jan 19 2025(Updated: )
A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1. This vulnerability affects unknown code in the library profapi.dll of the component Installer. The manipulation leads to untrusted search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation appears to be difficult.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Epic Games Launcher | <=17.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-0567?
CVE-2025-0567 is classified as a problematic vulnerability.
What software is affected by CVE-2025-0567?
CVE-2025-0567 affects Epic Games Launcher versions up to and including 17.2.1.
How can CVE-2025-0567 be exploited?
CVE-2025-0567 can be exploited through untrusted search path manipulation, requiring local access.
How do I fix CVE-2025-0567?
To mitigate CVE-2025-0567, update the Epic Games Launcher to a version newer than 17.2.1.
What component of the Epic Games Launcher is affected by CVE-2025-0567?
CVE-2025-0567 affects the profapi.dll library in the Installer component.
- collector/nvd-api
- source/NVD
- agent/severity
- agent/weakness
- agent/title
- agent/description
- agent/author
- agent/first-publish-date
- agent/references
- agent/type
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/epic games
- canonical/epic games launcher