1. Home
  2. CVE Database
  3. CVE-2025-20259
MEDIUM · 5.3

CVE-2025-20259

Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These v...

Vulnerability Description

Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These vulnerabilities are due to improper access controls on files that are in the local file system. An attacker could exploit these vulnerabilities by using a symbolic link to perform an agent upgrade that redirects the delete operation of any protected file. A successful exploit could allow the attacker to delete arbitrary files from the file system of the affected device.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
CiscoThousandeyes Endpoint Agent< 2.3.3
MicrosoftWindows-

Related Weaknesses (CWE)

CWE-22

References

FAQ

What is CVE-2025-20259?

CVE-2025-20259 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These v...

How severe is CVE-2025-20259?

CVE-2025-20259 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-20259?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Thousandeyes Endpoint Agent, Microsoft Windows.