How to fix EUVD-2025-200974?

Within 24 hours: Identify and inventory all Windows systems running Guardicore Agent versions prior to v49.20.1, v50.15.0, v51.12.0, and v52.2.0; implement file system monitoring on the OpenSSL configuration directory; restrict local user access to sensitive directories where possible. Within 7 days: Apply the vendor patch to all identified systems according to your change management procedures, prioritizing critical infrastructure and systems with elevated privileges. Within 30 days: Complete patching of all remaining systems; validate successful deployment through vulnerability scanning; conduct incident review to determine if exploitation occurred historically.

Is OpenSSL affected by EUVD-2025-200974?

Akamai Guardicore Platform Agent for Windows contains a critical privilege escalation vulnerability that allows any local user to gain SYSTEM-level access to affected systems.

EUVD-2025-200974

| CVE-2025-53841 HIGH

2025-12-03 [email protected]

7.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 15, 2026 - 16:14 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 16:14 euvd

EUVD-2025-200974

CVE Published

Dec 03, 2025 - 15:15 nvd

HIGH 7.8

Description

The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.

Analysis

Technical Context

Privilege escalation allows a low-privileged user or process to gain elevated permissions beyond what was originally authorized. This vulnerability is classified as Inclusion of Functionality from Untrusted Control Sphere (CWE-829).

Remediation

Apply the principle of least privilege. Keep systems patched. Monitor for suspicious privilege changes. Use mandatory access controls (SELinux, AppArmor).

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +39

POC: 0

EUVD-2025-200974 vulnerability details – vuln.today

Back

EUVD-2025-200974

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Remediation

Priority Score

Share

EUVD-2025-200974

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Remediation

Priority Score

Share

External POC / Exploit Code