CVE-2019-25343
Awaiting Analysis Awaiting Analysis - Queue
Insecure File Permissions in NextVPN 4.10 Enables Privilege Escalation

Publication date: 2026-02-12

Last updated on: 2026-02-13

Assigner: VulnCheck

Description
NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-12
Last Modified
2026-02-13
Generated
2026-06-16
AI Q&A
2026-02-12
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25343
EUVD
EUVD-2019-19481
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
nextvpn nextvpn 4.10
nextvpn nextvpn to 4.10 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-732 The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2019-25343 is an insecure file permissions vulnerability found in NextVPN version 4.10 and earlier. Due to incorrect permission settings during installation, local users with limited privileges can modify executable files by having full access rights to them.

This vulnerability allows attackers to replace legitimate system executables with malicious files. When these replaced executables are run, the attacker can escalate their privileges to SYSTEM or Administrator level without requiring user interaction.

Impact Analysis

This vulnerability can lead to local privilege escalation on affected systems running NextVPN 4.10 or earlier. An attacker with local access can exploit the insecure file permissions to replace critical executable files with malicious versions.

By doing so, the attacker gains SYSTEM or Administrator privileges, which allows them to fully control the system, compromise confidentiality, integrity, and availability of data, and potentially execute arbitrary code with the highest system privileges.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by checking the file and folder permissions of the NextVPN installation directory and its executable files. Specifically, you want to verify if the executables have insecure permissions that grant full control to users with limited privileges.

A suggested command to detect insecure permissions on Windows systems is the use of the icacls command to list the permissions of the relevant executable files.

  • Run `icacls` on the NextVPN installation directory and executables, for example: `icacls C:\Path\To\NextVPN\*.exe`
  • Check if the output shows that the logged-in user or non-administrative users have full control permissions over these executables.
Mitigation Strategies

Immediate mitigation involves correcting the file and folder permissions of the NextVPN installation directory and its executables to restrict unauthorized modification.

Ensure that only SYSTEM and Administrators have full control permissions, and remove full control permissions from standard or limited users.

Additionally, consider replacing any potentially modified executables with clean, trusted versions to prevent execution of malicious files.

If possible, update NextVPN to a version later than 4.10 where this vulnerability is fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25343. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart