JumpCloud Remote Assist for Windows local privilege escalation (CVE-2025-34352)
Vulnerability
Summary
CVE-2025-34352 is a local privilege-escalation flaw in JumpCloud Remote Assist for Windows that can be triggered during uninstall or update operations and can let an unprivileged attacker reach NT AUTHORITY\SYSTEM on endpoints. The weakness involves a user-writable %TEMP% path and creates a path to endpoint takeover if abused. JumpCloud fixed the issue in version 0.317.0.
Related Happenings
CISA orders FCEB remediation for CVE-2025-60710
Public Sector Action
First: 15.04.2026 17:51
Last: 15.04.2026 17:51
Sources 1
About this happening:
CISA added **CVE-2025-60710** to its **actively exploited** catalog and gave **FCEB agencies** **two weeks** to secure systems under **BOD 22-01**. The move targets a **Windows Ta...
Timeline
16.12.2025 13:39
JumpCloud Remote Assist for Windows CVE-2025-34352 disclosed and fixed
Initial Disclosure
JumpCloud Remote Assist for Windows CVE-2025-34352 was disclosed as a local privilege-escalation flaw that can be triggered during JumpCloud Agent removal or update, letting an unprivileged local attacker abuse a user-writable %TEMP% subdirectory to run privileged file operations as NT AUTHORITY\SYSTEM and potentially reach endpoint takeover, BSOD, or a System shell; JumpCloud addressed the issue in version 0.317.0.
Sources
- JumpCloud Remote Assist Vulnerability Can Expose Systems to Takeover — www.securityweek.com — 16.12.2025 13:39