The vulnerability of the Nomad Module component of the 1E Client software allows a hacker to delete any files on the device.

The vulnerability of the Nomad Module component of the 1E Client software lies in the improper handling of symbolic links before accessing files. Exploiting this vulnerability could allow an attacker to delete any files on the device...

CVE-2025-1683

Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links...

CVE-2025-1683

Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links...

CVE-2025-1683

Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links...

CVE-2025-1683 Symbolic Link Exploit in 1E Client's - Nomad module allows Arbitrary File Deletion

Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links...

CVE-2025-1683 Symbolic Link Exploit in 1E Client's - Nomad module allows Arbitrary File Deletion

Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links...

PT-2025-11086

Name of the Vulnerable Software and Affected Versions: 1E Client versions prior to 25.3 Description: The issue is related to improper link resolution before file access in the Nomad module, allowing an attacker with local unprivileged access on a Windows system to delete arbitrary files by...

CVE-2020-16268

The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a TRANSFORM MST with the option to disable the installation of the Nomad module. An attacker may craf...

CVE-2020-16268

The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a TRANSFORM MST with the option to disable the installation of the Nomad module. An attacker may craf...

Code injection

The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a TRANSFORM MST with the option to disable the installation of the Nomad module. An attacker may craf...