A high-severity privilege escalation flaw in the Norton Secure VPN installer allows local attackers to elevate their permissions on the host machine.

The vulnerability is triggered during the installation phase of the application. It allows a local, authenticated user to manipulate the installation process, resulting in the execution of tasks with elevated system privileges.

With a CVSS score of 8.8, this vulnerability presents a major risk of local privilege escalation. An attacker with standard user access could leverage this flaw to gain administrative control over the workstation, facilitating further malicious activity such as malware deployment or credential theft.

Immediate Action: Update the Norton Secure VPN application to the latest version via the Microsoft Store or the vendor portal.

Proactive Monitoring: Review system logs for unauthorized installation attempts or unexpected elevation of user privileges.

Compensating Controls: Restrict non-administrative user permissions on workstations to prevent the execution of unauthorized installers and limit the scope of local exploitation.

Public Exploit Available: false

Organizations should ensure that all VPN clients are updated to the latest available versions. Users should be prevented from performing unauthorized installations to mitigate the risk of local privilege escalation attacks.