CVE-2025-43711 - CERT CVE
ID CVE-2025-43711
Sažetak Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root (upon the next boot) by dragging a crafted Tunnelblick.app file into /Applications.
Reference
CVSS
Base: 8.1
Impact: 6.0
Exploitability:1.4
Pristup
VektorSloženostAutentikacija
LOCAL HIGH NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Zadnje važnije ažuriranje 05-07-2025 - 00:15
Objavljeno 05-07-2025 - 00:15