CVE-2025-53841

HIGH EPSS 2.7%

Published Dec 3, 20256mo ago · Modified Jun 17, 20261w ago

7.8 CVSS 3.1

High

Published Dec 3, 2025 6mo ago

Last Modified Jun 17, 2026 1w ago

Description

The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.

CVSS Details

Base Score

7.8

Exploitability

1.8

Impact

5.9

Vector string

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector Local

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

2.7% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-829

References 4

community.akamai.com https://community.akamai.com/customers/s/article/Windows-Agent-Vulnerability-Summary-and-Resolution
techdocs.akamai.com https://techdocs.akamai.com/guardicore-platform-agent/changelog
akamai.com https://www.akamai.com/blog/security/advisory-cve-2025-53841-guardicore-local-privilege-escalation
tuv.com https://www.tuv.com/landingpage/en/vulnerability-disclosure/

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.