JumpCloud Remote Assist Flaw Lets Users Gain Full Control of Company Devices

A critical vulnerability CVE-2025-34352 found by XM Cyber in the JumpCloud Remote Assist for Windows agent allows local users to gain full SYSTEM privileges. Businesses must update to version 0.317.0 or later immediately to patch the high-severity flaw...

CVE-2025-34352

JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on...

EUVD-2025-200311

JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on...

CVE-2025-34352 JumpCloud Remote Assist < 0.317.0 Arbitrary File Write/Delete via Insecure Temp Directory

JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on...

CVE-2025-34352 JumpCloud Remote Assist < 0.317.0 Arbitrary File Write/Delete via Insecure Temp Directory

JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on...

JumpCloud Remote Assist 安全漏洞

JumpCloud Remote Assist is a remote access module from JumpCloud USA. A security vulnerability exists in JumpCloud Remote Assist versions prior to 0.317.0 that stems from the uninstaller performing privileged operations without verifying directory trust, which could result in arbitrary file write...

CVE-2023-26603

JumpCloud Agent before 1.178.0 Creates a Temporary File in a Directory with Insecure Permissions. This allows privilege escalation to SYSTEM via a repair action in the installer...

CVE-2023-26603

JumpCloud Agent before 1.178.0 Creates a Temporary File in a Directory with Insecure Permissions. This allows privilege escalation to SYSTEM via a repair action in the installer...

CVE-2023-26603

Summary: JumpCloud Agent before 1.178.0 creates a temporary file in a directory with insecure permissions, enabling privilege escalation to SYSTEM via a repair action in the installer. This is evidenced across multiple sources (NVD/Red Hat/CNNVD/PT-Security/vulnrichment), which consistently descr...

PT-2024-12106 · Jumpcloud · Jumpcloud Agent

Name of the Vulnerable Software and Affected Versions: JumpCloud Agent versions prior to 1.178.0 Description: The issue allows privilege escalation to SYSTEM via a repair action in the installer. This is due to the creation of a temporary file in a directory with insecure permissions...

JumpCloud Agent 安全漏洞

JumpCloud Agent is an application from JumpCloud, Inc. allows IT administrators to remotely manage Windows, Mac and Linux systems using security policies. A security vulnerability exists in JumpCloud Agent versions prior to 1.178.0, which stems from a vulnerability that allows an attacker to crea...

CVE-2023-26603

JumpCloud Agent before 1.178.0 Creates a Temporary File in a Directory with Insecure Permissions. This allows privilege escalation to SYSTEM via a repair action in the installer...

CVE-2023-26603

JumpCloud Agent before 1.178.0 Creates a Temporary File in a Directory with Insecure Permissions. This allows privilege escalation to SYSTEM via a repair action in the installer...

North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder

North Korean nation-state actors affiliated with the Reconnaissance General Bureau RGB have been attributed to the JumpCloud hack following an operational security OPSEC blunder that exposed their actual IP address. Google-owned threat intelligence firm Mandiant attributed the activity to a threa...

North Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain Attack

An analysis of the indicators of compromise IoCs associated with the JumpCloud hack has uncovered evidence pointing to the involvement of North Korean state-sponsored groups, in a style that's reminiscent of the supply chain attack targeting 3CX. The findings come from SentinelOne, which mapped o...

JumpCloud Blames 'Sophisticated Nation-State' Actor for Security Breach

A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The adversary "gained unauthorized access to our systems to target a small and specific set of our customers," Bob...

JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident

JumpCloud, a provider of cloud-based identity and access management solutions, has swiftly reacted to an ongoing cybersecurity incident that impacted some of its clients. As part of its damage control efforts, JumpCloud has reset the application programming interface API keys of all customers...

JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident

JumpCloud, a provider of cloud-based identity and access management solutions, has swiftly reacted to an ongoing cybersecurity incident that impacted some of its clients. As part of its damage control efforts, JumpCloud has reset the application programming interface API keys of all customers...