Key Information

Vulnerability Overview
Vulnerability Type: Vertical Privilege Escalation (CVE-2025-43711)
Report Date: 2025-03-14
Patch Release Date: 2025-04-22

Vulnerability Details
Affected Versions: Tunnelblick 3.5beta06 to 6.1beta2
Unaffected Versions: Versions prior to 3.5beta06 and after 6.1beta2

Exploitation Conditions
1. An affected version of Tunnelblick is installed.
2. The Tunnelblick application has been moved to the Trash or deleted, but not fully uninstalled.
3. The attacker logs in with administrator privileges.
4. The computer is unlocked.

Exploitation Method
The attacker uses Finder to drag a specially crafted Tunnelblick.app to the /Applications directory, gaining root privileges without authentication.

Mitigation Measures
If you continue using Tunnelblick:
- Upgrade to Tunnelblick 7.0 or later.
- Do not delete Tunnelblick.app from the Applications directory.
- Always run as a standard user, not an administrator.
- Do not leave the computer unlocked when unattended.
If you discontinue using Tunnelblick:
- Fully uninstall using the built-in uninstaller or the standalone Tunnelblick Uninstaller.
- Delete specific files to prevent exploitation.

FAQ
How to check if vulnerable:
- Verify the existence of and files.
Impact of incomplete uninstallation:
- May allow successful exploitation; ensure complete removal.
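As an added defender-side check (not part of the advisory or of the Tunnelblick project), the script below maps the installed bundle version onto the affected range 3.5beta06 to 6.1beta2 and flags the "app removed but still in the Trash" state from the exploitation conditions. It assumes the standard install path /Applications/Tunnelblick.app and that CFBundleShortVersionString uses the advisory's notation (e.g. 6.1beta2, 7.0); the residual files the FAQ refers to are not listed on the page, so they are not checked here.

```python
"""Version-range and Trash check for CVE-2025-43711 (added example, not the
advisory's own tooling). Assumes /Applications/Tunnelblick.app and a version
string shaped like the advisory's notation ("3.5beta06", "6.1beta2", "7.0")."""
import os
import plistlib
import re

AFFECTED_FIRST = "3.5beta06"   # first affected version, from the advisory
AFFECTED_LAST = "6.1beta2"     # last affected version, from the advisory
FIXED_MIN = "7.0"              # advisory: upgrade to 7.0 or later

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:beta(\d+))?$")

def parse_version(version: str):
    """Turn '6.1beta2' into a comparable tuple. A final release sorts after
    every beta of the same number, so a missing beta suffix becomes infinity."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Tunnelblick version string: {version!r}")
    major, minor, patch, beta = m.groups()
    return (int(major), int(minor), int(patch or 0),
            int(beta) if beta is not None else float("inf"))

def is_affected(version: str) -> bool:
    """True when version lies in [3.5beta06, 6.1beta2] inclusive."""
    v = parse_version(version)
    return parse_version(AFFECTED_FIRST) <= v <= parse_version(AFFECTED_LAST)

def installed_version(app_path="/Applications/Tunnelblick.app"):
    """Read the bundle version, or None when no app is at app_path
    (for example because it was moved to the Trash or deleted)."""
    plist = os.path.join(app_path, "Contents", "Info.plist")
    if not os.path.isfile(plist):
        return None
    with open(plist, "rb") as fh:
        return plistlib.load(fh).get("CFBundleShortVersionString")

def assess(app_version, trash_has_copy: bool) -> str:
    """Map the advisory's conditions to a short verdict for the operator."""
    if app_version is None and trash_has_copy:
        return "app removed but still in Trash: uninstall fully, then empty Trash"
    if app_version is None:
        return "no app in /Applications: confirm a full uninstall was done"
    if is_affected(app_version):
        return f"affected version {app_version}: upgrade to {FIXED_MIN} or later"
    return f"version {app_version} is outside the affected range"

if __name__ == "__main__":
    trash_copy = os.path.isdir(os.path.expanduser("~/.Trash/Tunnelblick.app"))
    print(assess(installed_version(), trash_copy))
```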