CVE-2025-71178

UNKNOWN 0.0

Crucial Storage Executive < 11.08.082025.00 Installer DLL Preloading LPE

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

1th

Crucial Storage Executive installer versions prior to 11.08.082025.00 contain a DLL preloading vulnerability. During installation, the installer runs with elevated privileges and loads Windows DLLs using an uncontrolled search path, which can cause a malicious DLL placed alongside the installer to be loaded instead of the intended system library. A local attacker who can convince a victim to run the installer from a directory containing the attacker-supplied DLL can achieve arbitrary code execution with administrator privileges.

CWE	CWE-427
Vendor	micron technology, inc.
Product	crucial storage executive
Published	Jan 26, 2026
Last Updated	May 14, 2026

Stay Ahead of the Next One

Get instant alerts for micron technology, inc. crucial storage executive

Be the first to know when new unknown vulnerabilities affecting micron technology, inc. crucial storage executive are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Micron Technology, Inc. / Crucial Storage Executive

0 < 11.08.082025.00

References

NVD ↗ CVE.org ↗ EPSS Data ↗

eu.crucial.com: https://eu.crucial.com/support/storage-executive vulncheck.com: https://www.vulncheck.com/advisories/crucial-storage-executive-installer-dll-preloading-lpe

Credits

Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc.