CVE-2025-53841
HIGHDescription
The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.
Is your site exposed to CVE-2025-53841?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
References
Other References
Frequently Asked Questions
What is CVE-2025-53841? +
How severe is CVE-2025-53841? +
How do I check if I'm vulnerable to CVE-2025-53841? +
Related Vulnerabilities
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution …
An authenticated remote code execution vulnerability exists in Lucee’s administrative interface due to insecure design in the scheduled task functionality. …
pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules …
A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input …
A critical security vulnerability exists in remote cache extensions for common build systems utilizing bucket-based remote cache (such as those …
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control …