CNNVD-202512-180 Information
CNNVD ID
CNNVD-202512-180
Related CVE
- CNNVD Published: 2025-12-02
Description (Chinese)
JumpCloud Remote Assist是美国JumpCloud公司的一个远程访问模块。 JumpCloud Remote Assist 0.317.0之前版本存在安全漏洞,该漏洞源于卸载程序执行特权操作时未验证目录信任,可能导致任意文件写入或删除和本地权限提升。
Description (English)
JumpCloud Remote Assist is a remote access module for JunmpCloud in the United States. There is a security loophole in the pre-JumpClaud Remote Assist 0.317.0, which stems from the fact that the unmounted program performs privileges without verifying the directory trust, which may lead to the writing or deletion of any files and the enhancement of local privileges.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
JumpCloud
Published
2025-12-02
Last Modified
2026-02-24
References
https://jumpcloud.com/platform/remote-assistance https://jumpcloud.com/support/list-of-jumpcloud-agent-release-notes https://www.vulncheck.com/advisories/jumpcloud-remote-assist-arbitrary-file-write-delete-via-insecure-temp-directory https://access.redhat.com/security/cve/cve-2025-34352
Patch
https://jumpcloud.com/platform/remote-assistance
Share on: