PT-2025-17388 · Unknown · Pritunl Client

Egor Filatov · Published 2025-04-01 · Updated 2025-04-19 · CVE-2025-43917

CVSS v3.1: 8.2 (High)
Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Pritunl Client versions prior to 1.3.4220.57
Description: The issue allows an administrator with access to /Applications to escalate privileges after uninstalling the product. This is achieved by placing a new file at the pathname of the removed pritunl-service file; a LaunchDaemon then executes that file as root. The pritunl-service file is the specific target of this exploit.
Recommendations: For versions prior to 1.3.4220.57, update to version 1.3.4220.57 or later to resolve the issue. As a temporary workaround, consider restricting access to the /Applications directory to prevent potential exploitation. Additionally, monitor LaunchDaemon executions to detect any suspicious activity.
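A defender-side check for the condition described above, added here as an example and not code from Pritunl or this advisory: it reads the program a LaunchDaemon plist will run and reports a dangling target (the binary is gone but the daemon still points at it) or a target whose file or parent directory is writable by non-root users. The plist label and the full path under /Applications/Pritunl.app are assumptions for the sample; the advisory itself names only /Applications and pritunl-service.

```python
"""Added example (not Pritunl's code): audit the program a LaunchDaemon plist runs.
After an uninstall the plist may still name a binary that is gone; a file created
at that path by someone who can write there is then run as root by launchd."""
import os
import plistlib
import stat
import tempfile

WRITABLE = stat.S_IWGRP | stat.S_IWOTH  # group- or world-writable bits

def program_from_plist(data: bytes):
    """Executable launchd will run: the Program key, else ProgramArguments[0]."""
    plist = plistlib.loads(data)
    if "Program" in plist:
        return plist["Program"]
    args = plist.get("ProgramArguments")
    return args[0] if args else None

def audit_program_path(path: str) -> list:
    """Findings for one program path; an empty list means it looks sound."""
    findings = []
    if not os.path.exists(path):
        findings.append("missing: a file created here later runs as root")
    else:
        st = os.stat(path)
        if st.st_uid != 0:
            findings.append(f"not owned by root (uid {st.st_uid})")
        if st.st_mode & WRITABLE:
            findings.append("group/world writable")
    parent = os.path.dirname(path) or "/"  # whoever can write here can plant the target
    pmode = os.stat(parent).st_mode if os.path.isdir(parent) else 0
    if pmode & WRITABLE and not pmode & stat.S_ISVTX:
        findings.append(f"parent writable: {parent}")
    return findings

# Constructed sample plist; the label and the .app path are assumptions, not from the advisory.
SAMPLE_PLIST = b"""<plist version="1.0"><dict><key>Label</key><string>com.example.pritunl-service</string>
<key>ProgramArguments</key><array><string>/Applications/Pritunl.app/Contents/Resources/pritunl-service</string></array>
</dict></plist>"""

def demo() -> dict:
    """Replay the post-uninstall state in a throwaway directory tree and collect findings."""
    with tempfile.TemporaryDirectory() as root:
        apps = os.path.join(root, "Applications")
        os.makedirs(apps)
        os.chmod(apps, 0o777)  # stands in for a directory the local admin can write to
        target = os.path.join(apps, "pritunl-service")
        gone = audit_program_path(target)  # binary removed, plist still points here
        open(target, "w").close()
        os.chmod(target, 0o666)  # a replacement dropped at the dangling path
        planted = audit_program_path(target)
    return {"program": program_from_plist(SAMPLE_PLIST), "gone": gone, "planted": planted}
```

Running `demo()` shows both states: the dangling path is reported as missing with a writable parent, and the planted replacement is reported as group/world writable.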

Fix

LPE

Incorrect Authorization

Improper Privilege Management

Weakness Enumeration

Related Identifiers

BDU:2025-08463
CVE-2025-43917

Affected Products

Pritunl Client