CVE-2025-6264 | Rapid7 Velociraptor up to 0.74.2 VQL Query Admin.Client.UpdateClientConfig default permission (EUVD-2025-18787)
A vulnerability classified as critical has been found in Rapid7 Velociraptor up to 0.74.2. It affects the function Admin.Client.UpdateClientConfig of the component VQL Query Handler. The manipulation leads to incorrect default permissions.
This vulnerability is tracked as CVE-2025-6264. The attack has to be carried out locally. Furthermore, an exploit is available.
The affected component should be upgraded.