{"id":"CVE-2020-25989","details":"Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges.","modified":"2026-03-14T00:45:40.386587Z","published":"2020-11-19T21:15:12.200Z","references":[{"type":"FIX","url":"https://github.com/pritunl/pritunl-client-electron/commit/89f8c997c6f93e724f68f76f7f47f8891d9acc2d"},{"type":"EVIDENCE","url":"https://vkas-afk.github.io/vuln-disclosures/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pritunl/pritunl-client","events":[{"introduced":"0"},{"fixed":"89f8c997c6f93e724f68f76f7f47f8891d9acc2d"}]},{"type":"GIT","repo":"https://github.com/pritunl/pritunl-client-electron","events":[{"introduced":"0e5559c2ba98eac580ade83edefaac371fd303fb"},{"last_affected":"89990d31cb9b80fb1c2de2a392f9f1e7eb8bd171"}],"database_specific":{"versions":[{"introduced":"1.0.1116.6"},{"last_affected":"1.2.2550.20"}]}}],"versions":["0.1.0","0.10.1","0.10.10","0.10.11","0.10.12","0.10.13","0.10.14","0.10.15","0.10.16","0.10.17","0.10.18","0.10.19","0.10.2","0.10.3","0.10.4","0.10.5","0.10.6","0.10.7","0.10.8","0.10.9","1.0.1070.17","1.0.1075.52","1.0.1116.6","1.0.1141.79","1.0.1149.25","1.0.1154.75","1.0.1174.20","1.0.1174.27","1.0.1177.2","1.0.1187.7","1.0.1209.98","1.0.1210.1","1.0.1210.71","1.0.1212.27","1.0.1219.32","1.0.1222.48","1.0.1223.17","1.0.1258.42","1.0.1265.1","1.0.1265.14","1.0.1294.3","1.0.1294.83","1.0.1296.88","1.0.1303.3","1.0.1304.41","1.0.1311.6","1.0.1356.36","1.0.1359.97","1.0.1361.39","1.0.1363.37","1.0.1364.22","1.0.1364.27","1.0.1364.29","1.0.1380.37","1.0.1400.11","1.0.1429.19","1.0.1435.1","1.0.1436.36","1.0.1442.97","1.0.1461.29","1.0.1543.29","1.0.1561.27","1.0.1561.29","1.0.1561.31","1.0.1632.42","1.0.1653.28","1.0.1749.25","1.0.1768.89","1.0.1782.9","1.0.1804.90","1.0.1886.21","1.0.1888.35","1.0.1889.51","1.0.1907.2","1.0.1909.80","1.0.1951.33","1.0.1952.30","1.0.1953.32","1.0.2079.9","1.0.2144.93","1.0.2207.23","1.0.2226.23","1.0.2317.40","1.0.2388.46","1.0.2395.64","1.0.2404.6","1.0.2418.61","1.0.2428.78","1.0.2440.93","1.2.2549.5","1.2.2550.20"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25989.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}