A carefully crafted DLL, copied to C:\ProgramData\Synaptics folder, allows a local user to execute arbitrary code with elevated privileges during driver installation.
CVE-2025-11772: A carefully crafted DLL, copied to C:\ProgramData\Synaptics folder, allows a local user to execute arbitrary code …
CVE-2025-11772 allows local users to execute arbitrary code with elevated privileges during driver installation by placing a crafted DLL in the C:\ProgramData\Synaptics folder.