CVE-2025-58074 – Norton Secure VPN

CVSS 8.8 IMPORTANT

“A simple install process flaw can hand attackers full system control.”

This patch addresses a privilege escalation vulnerability in Norton Secure VPN during installation via the Microsoft Store. A low-privileged user can manipulate files during the install process, exploiting insecure handling of Windows junctions to delete or replace arbitrary files. This can ultimately lead to full system-level access and compromise of the host.

CVE-2025-58074 has a CVSS score of 8.8, which is High severity.

There is no verified evidence of active exploitation or public proof-of-concept code. However, the vulnerability allows local attackers to escalate privileges with low complexity, making it a serious risk in shared or multi-user environments.

Key Details

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
CWE Classification: CWE-1386

Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.

CVE-2025-58074 – Norton Secure VPN

Key Details

Stay Tuned

PLATFORM

SOLUTIONS

RESOURCES

COMPANY

LEGAL

CONTACTS

+1-346-444-8530

Toll Free: 833-444-8530

708 Main St, 10th FL, Houston, TX 77002