Norton Secure VPN Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in Norton Secure VPN version 6.5.0.59, affecting installation via the Microsoft Store. A low-privilege user can manipulate files in a way that may lead the installer to delete critical system files, creating an opportunity for unauthorized elevation of privileges.

Impact

Exploitation of this vulnerability allows for arbitrary file deletion, which can be used to escalate privileges on the system.

Reproduction

To reproduce this vulnerability, a low-privilege user creates a folder in 'C:\ProgramData\NortonInstaller\Settings\' and places into it a 7z file with a specific GUID name, matching the one that will be generated during the Norton Secure VPN installation. The installation process then deletes the 7z file and any files or folders linked through a junction. This allows the user to escalate privileges by removing files whose removal could disrupt the normal operation of the system or applications.
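A pre-installation audit of the directory named above, added here as an example and not taken from the advisory or from Norton: it flags items under the Settings folder that are owned by a non-administrative account, are reparse points (junctions or symlinks), or are GUID-named 7z archives. The trusted-owner list, the GUID file-name pattern and the function name Get-PlantedItemFinding are assumptions; only the path comes from the advisory.

```powershell
# Added audit example. Only $Settings comes from the advisory; the rest is assumed.
$Settings = 'C:\ProgramData\NortonInstaller\Settings'
# Assumption: content created by an elevated installer is owned by one of these.
$TrustedOwners = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators',
                   'NT SERVICE\TrustedInstaller')
# Assumption: the archive is named <GUID>.7z, with or without braces.
$GuidName = '^\{?[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}?\.7z$'

function Get-PlantedItemFinding {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) { return }

    # Walk the tree manually so the audit never descends through a junction.
    $queue = [System.Collections.Generic.Queue[object]]::new()
    $queue.Enqueue((Get-Item -LiteralPath $Path -Force))

    while ($queue.Count -gt 0) {
        $item    = $queue.Dequeue()
        $isLink  = [bool]($item.Attributes -band [IO.FileAttributes]::ReparsePoint)
        $reasons = @()

        try   { $owner = (Get-Acl -LiteralPath $item.FullName).Owner }
        catch { $owner = '<unreadable>' }
        if ($TrustedOwners -notcontains $owner) { $reasons += "owner is $owner" }

        if ($isLink) {
            $reasons += "reparse point ($($item.LinkType)) -> $($item.Target)"
        }
        if (-not $item.PSIsContainer -and $item.Name -match $GuidName) {
            $reasons += 'GUID-named 7z archive'
        }
        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                Path    = $item.FullName
                Created = $item.CreationTime
                Reasons = $reasons -join '; '
            }
        }
        if ($item.PSIsContainer -and -not $isLink) {
            Get-ChildItem -LiteralPath $item.FullName -Force -ErrorAction SilentlyContinue |
                ForEach-Object { $queue.Enqueue($_) }
        }
    }
}

Get-PlantedItemFinding -Path $Settings | Format-Table -AutoSize -Wrap
```

Any finding on a machine where Norton Secure VPN has not yet been installed means the folder was created by something other than the installer and should be reviewed before installation proceeds.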

Added: May 4, 2026, 2:23 PM
Updated: May 4, 2026, 2:23 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.6
remediation: 0.0
relevance: 7.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.