A critical security vulnerability has been discovered in Zabbix Agent and Agent 2 for Windows that allows attackers with local system access to escalate their privileges through DLL injection attacks.

The flaw, tracked as CVE-2025-27237 with a CVSS score of 7.3 (High), affects multiple versions of the popular network monitoring solution and has prompted immediate security updates from Zabbix.

news

A critical security vulnerability has been discovered in Zabbix Agent and Agent 2 for Windows that allows attackers with local system access to escalate their privileges through DLL injection attacks. 

The flaw, tracked as CVE-2025-27237 with a CVSS score of 7.3 (High), affects multiple versions of the popular network monitoring solution and has prompted immediate security updates from Zabbix.