What is GHSA-7wj7-3wwj-fhf7?

GHSA-7wj7-3wwj-fhf7 is a security advisory published by GitHub Security Advisories with High severity. A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the...

Which CVE IDs does GHSA-7wj7-3wwj-fhf7 cover?

GHSA-7wj7-3wwj-fhf7 covers the following CVE IDs: CVE-2025-58074. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-7wj7-3wwj-fhf7?

GHSA-7wj7-3wwj-fhf7 has a CVSS v3 base score of 8.8, published by GitHub Security Advisories.

GHSA-7wj7-3wwj-fhf7HighCVSS 8.8

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the...

Vendor

GitHub Security Advisories

Published

May 4, 2026

Last Modified

May 28, 2026

🔗 CVE IDs covered (1)

CVE-2025-58074 →

📋 Description

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges.

🔗 References (5)

https://nvd.nist.gov/vuln/detail/CVE-2025-58074
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2276
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2276
https://www.gendigital.com/us/en/contact-us/security-advisories
https://github.com/advisories/GHSA-7wj7-3wwj-fhf7