Zabbix Agent
cpe:2.3:a:zabbix:zabbix-agent:*:*:*:*:*:*:*
- >= 6.0.0, <= 6.0.40
- >= 7.0.0, <= 7.0.17
- >= 7.2.0, <= 7.2.11
- >= 7.4.0, <= 7.4.1
Zabbix Agent and Zabbix Agent 2 for Windows load the OpenSSL configuration file from a user-writable path. A low-privileged local user can therefore alter that configuration, potentially leading to local privilege escalation through DLL injection. The modified configuration file takes effect only after Zabbix Agent or the system is restarted.
Exploitation of this vulnerability could result in unauthorized DLL injection, allowing for local privilege escalation on the affected Windows system.
A local Windows user with Zabbix Agent or Zabbix Agent 2 installed can modify the OpenSSL configuration file. The injected DLL will be executed the next time Zabbix Agent is started or the system is rebooted.
Users can update to Zabbix Agent version 6.0.41, 7.0.18, 7.2.12, or 7.4.2 to address this vulnerability.
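A defender-side check for the conditions described above, added here as an example in PowerShell (not Zabbix's own code): it tests an installed agent version against the affected ranges listed at the top of this entry and reports whether the OpenSSL configuration file, or the directory it lives in, grants write access to principals that every low-privileged local user belongs to. The configuration path is an assumption supplied by the caller, since the advisory does not name it.

```powershell
# Affected ranges as listed in the advisory.
$AffectedRanges = @(
    @{ Min = [version]'6.0.0'; Max = [version]'6.0.40' },
    @{ Min = [version]'7.0.0'; Max = [version]'7.0.17' },
    @{ Min = [version]'7.2.0'; Max = [version]'7.2.11' },
    @{ Min = [version]'7.4.0'; Max = [version]'7.4.1' }
)

function Test-AffectedVersion {
    param([Parameter(Mandatory)][version]$Version)
    foreach ($r in $AffectedRanges) {
        if (($Version -ge $r.Min) -and ($Version -le $r.Max)) { return $true }
    }
    return $false
}

# Principals every low-privileged local user belongs to (names are localized on non-English Windows).
$LowPrivPrincipals = @('Everyone', 'BUILTIN\Users',
                       'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE')
function Get-LowPrivWriteAces {
    param([Parameter(Mandatory)][string]$Path)
    # Specific rights that let a user change or replace the object.
    $writeBits = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'
    $genericWrite = 0x50000000   # GENERIC_WRITE | GENERIC_ALL; Get-Acl shows these as raw integers
    (Get-Acl -LiteralPath $Path).Access | Where-Object {
        ($_.AccessControlType -eq 'Allow') -and
        ($LowPrivPrincipals -contains $_.IdentityReference.Value) -and
        ((($_.FileSystemRights -band $writeBits) -ne 0) -or
         (([int]$_.FileSystemRights -band $genericWrite) -ne 0))
    }
}

function Test-ZabbixOpenSslConfigExposure {
    # $OpenSslConfigPath is an assumption: the advisory does not name the file the agent loads.
    param([Parameter(Mandatory)][version]$AgentVersion,
          [Parameter(Mandatory)][string]$OpenSslConfigPath)
    # Check the directory as well as the file: a writable directory lets the file be replaced.
    $targets = @(Split-Path -Parent $OpenSslConfigPath)
    if (Test-Path -LiteralPath $OpenSslConfigPath) { $targets += $OpenSslConfigPath }
    $aces = @(foreach ($t in $targets) {
        foreach ($a in (Get-LowPrivWriteAces -Path $t)) {
            [pscustomobject]@{ Path = $t; Principal = $a.IdentityReference.Value; Rights = $a.FileSystemRights }
        }
    })
    $affected = Test-AffectedVersion -Version $AgentVersion
    [pscustomobject]@{ VersionAffected = $affected; WritableAces = $aces; Exposed = ($affected -and $aces.Count -gt 0) }
}

# Usage with a PLACEHOLDER path; substitute the openssl.cnf your agent actually loads.
Test-ZabbixOpenSslConfigExposure -AgentVersion '7.0.17' -OpenSslConfigPath 'C:\PLACEHOLDER\openssl.cnf'
```

A host reporting Exposed = $true should be updated to one of the fixed versions listed above; the WritableAces list shows which ACL entries to review in the meantime.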