CVE-2025-1683 – Symbolic Link Exploit in 1E Client's - Nomad module allows Arbitrary File Deletion

https://notcve.org/view.php?id=CVE-2025-1683

12 Mar 2025 — Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links. • https://capec.mitre.org/data/definitions/27.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •