CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-7012 – Cato Networks Linux Client Local Privilege Escalation via Symlink
https://notcve.org/view.php?id=CVE-2025-7012
13 Jul 2025 — An issue in Cato Networks' CatoClient for Linux, before version 5.5, allows a local attacker to escalate privileges to root by exploiting improper symbolic link handling. • https://support.catonetworks.com/hc/en-us/articles/28552501717405-CVE-2025-7012-Linux-Client-Local-Privilege-Escalation-via-Symbolic-Link-Handling • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43976
https://notcve.org/view.php?id=CVE-2023-43976
03 Oct 2023 — An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and winning the race condition (TOCTOU) via the PrivilegedHelperTool component. Un problema en CatoNetworks CatoClient anterior a v.5.4.0 permite a los atacantes escalar privilegios y ganar la condición de ejecución (TOCTOU) a través del componente PrivilegedHelperTool. • https://www.catonetworks.com • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •