CVE-2025-20259 – Cisco ThousandEyes Endpoint Agent for Windows Symbolic Link File Deletion Vulnerability

June 4, 2025

CVE ID : CVE-2025-20259

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device.

These vulnerabilities are due to improper access controls on files that are in the local file system. An attacker could exploit these vulnerabilities by using a symbolic link to perform an agent upgrade that redirects the delete operation of any protected file. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20275 – Cisco Unified Contact Center Express Java Deserialization Code Execution Vulnerability

Next Article CVE-2025-20261 – Cisco IMC SSH Privilege Escalation Vulnerability

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

ChatGPT now has an agent mode

Scrum Alliance and Kanban University partner to offer new course that teaches both methodologies

Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying

I found a tablet that could replace my iPad and Kindle – and it’s worth every penny

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

Execute Ping Commands and Get Back Structured Data in PHP

Execute Ping Commands and Get Back Structured Data in PHP

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

Microsoft confirms active cyberattacks on SharePoint servers

How to Manually Check & Install Windows 11 Updates (Best Guide)

CVE-2025-20259 – Cisco ThousandEyes Endpoint Agent for Windows Symbolic Link File Deletion Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

Smashing Security podcast #416: High street hacks, and Disney’s Wingdings woe

CVE-2025-37998 – Openvswitch Netlink Attribute Parsing Vulnerability

CVE-2025-50367 – PhpGurukul Medical Card Generation System Stored Blind XSS

CVE-2025-50201 – WeGIA Web Manager OS Command Injection Vulnerability

CVE-2025-1041 – Avaya Call Management System Remote Command Injection

CVE-2025-5879 – WuKongOpenSource WukongCRM Remote Cross-Site Scripting Vulnerability

How Retrieval-Augmented Generation (RAG) Is Transforming Enterprise AI Solutions🔍

CVE-2025-6192 – Google Chrome Use After Free in Metrics

CVE-2025-20259 – Cisco ThousandEyes Endpoint Agent for Windows Symbolic Link File Deletion Vulnerability

Related Posts