Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-43917

In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as root.

Published

2025-04-19T19:15:45.123

Last Modified

2025-04-21T14:23:45.950

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

Weaknesses

Type: Secondary
CWE-863

Affected Vendors & Products

References

https://forum.pritunl.com/t/pritunl-client-v1-3-4220-57/3183 ([email protected])