CVE-2025-58074

Privilege escalation during the installation of Norton Secure VPN via the Microsoft Store

CVSS 8.8 HIGH | EPSS 0.1% | CWE-1386

In short

During installation of Norton Secure VPN from the Microsoft Store, a regular user can replace files, which can result in arbitrary files being deleted and lets that user gain admin privileges. This happens because the installation process doesn't properly protect files from being tampered with.

Technical detail

A file replacement vulnerability exists during Norton Secure VPN installation via Microsoft Store (CWE-1386: Improper Validation of Specified Quantity in Input). A low-privilege user can intercept and modify files during installation, enabling arbitrary file deletion that escalates privileges to system level. The vulnerability requires local access and occurs within the installation window.

Summary generated and translated by AI from the official description.
A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
