CVE 8.8 HIGH

CVE-2025-58074_CVE-2025-58074

May 4, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges.

AI Analysis

Privilege escalation vulnerability during installation of Norton Secure VPN

Basic Information

ID CVE-2025-58074

Source talos

Published May 4, 2026 at 13:11

Modified May 4, 2026 at 13:12

Affected Product

Vendor Gen Digital

Product Norton Secure VPN

Version 6.5.0.59

Affected Versions Gen Digital Norton Secure VPN 6.5.0.59

CWE Classification

CWE-1386

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Gen Digital

Product Norton Secure VPN

Version 6.5.0.59

References

talosintelligence.com /vulnerability_reports/TALOS-2025-2276

{
    "lastseen": "",
    "description": "A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges.",
    "published": "2026-05-04T13:11:08.628Z",
    "modified": "2026-05-04T13:12:07.353Z",
    "type": "cve",
    "title": "CVE-2025-58074",
    "source": "talos",
    "references": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2276",
    "id": "CVE-2025-58074",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1386"
    ],
    "cvelist": null,
    "sourceData": "Gen Digital Norton Secure VPN 6.5.0.59",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Norton Secure VPN",
    "version": "6.5.0.59",
    "vendor": "Gen Digital",
    "ai_description": "Privilege escalation vulnerability during installation of Norton Secure VPN",
    "ai_severity": "High",
    "ai_vendor": "Gen Digital",
    "ai_product": "Norton Secure VPN",
    "ai_version": "6.5.0.59",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply