Advisory

Privilege escalation flaw reported in JumpCloud Remote Assist for Windows

Take action: This one is potentially very dangerous, but it is complex to exploit and requires several prerequisites, such as local access and triggering a specific sequence of events on the computer, including an uninstall of the JumpCloud agent. It is important to update all agents, but this is not a panic-mode patch; just keep up with patching your fleet.


Learn More

XM Cyber security researcher Hillel Pinto is reporting a security vulnerability in the JumpCloud Remote Assist for Windows agent that enables local privilege escalation and denial-of-service attacks.

JumpCloud is a cloud-based identity and device management platform. Its agent on managed Windows endpoints runs with maximum system privileges to enforce policies and manage devices. An exploit against this agent translates directly into full, persistent control over the endpoint, posing an immediate threat to corporate assets.

The flaw is tracked as CVE-2025-34352 (CVSS score 9.8). During the uninstallation of the main JumpCloud agent, the system automatically triggers the removal of the Remote Assist component. This secondary uninstaller performs privileged create, write, execute, and delete actions on predictable files inside the Windows %TEMP% subdirectory without validating that the directory is trusted or resetting its Access Control Lists (ACLs). The uninstaller builds file paths dynamically using environment variables and looks for specific uninstaller binaries within user-writable folders. Because these operations occur with SYSTEM-level permissions in an untrusted location, any low-privileged local user can exploit this weakness through symbolic link and mount-point redirection techniques.

The vulnerability enables two attack scenarios:

  1. Attackers can achieve arbitrary file writes leading to denial of service by creating a mount point from %TEMP%~nsuA.tmp to the \RPCControl object directory and establishing a pseudo-symlink from the temporary directory to system files such as C:\Windows\System32\cng.sys. When the uninstallation is triggered, the SYSTEM process corrupts the cryptographic driver, resulting in an infinite Blue Screen of Death loop that keeps the machine crashing until manual repair is performed.
  2. Attackers exploit an arbitrary file delete primitive through a Time-of-Check to Time-of-Use (TOCTOU) race condition targeting the protected C:\Config.Msi directory. By setting an Oplock on the target file and creating a symlink to the folder's Alternate Data Stream, attackers can redirect the DeleteFileW() operation to delete the entire protected folder. Once this directory is compromised, attackers can replace its contents and trigger the Windows Installer, obtaining a full NT AUTHORITY\SYSTEM shell and achieving complete system compromise.

Affected versions of JumpCloud Remote Assist for Windows include all versions prior to 0.317.0 installed on Windows systems where Remote Assist is managed through the Agent lifecycle.

JumpCloud has released version 0.317.0 of Remote Assist for Windows that patches this issue. Organizations are strongly advised to verify that all Windows devices running the JumpCloud Agent are updated to version 0.317.0 or later.
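The following PowerShell check is an added example for verifying the fixed version across a fleet; it is not JumpCloud's own tooling. It assumes Remote Assist registers an entry under the standard Windows Uninstall registry keys whose DisplayName contains "JumpCloud" and "Remote Assist" and whose DisplayVersion holds the component version; adjust the name pattern if your endpoints report something different.

```powershell
# Added check (not JumpCloud's own tooling). Assumes Remote Assist registers
# an Uninstall entry whose DisplayName matches $NamePattern and whose
# DisplayVersion carries the component version (both are assumptions).
function Test-JumpCloudRemoteAssistPatched {
    [CmdletBinding()]
    param(
        [string]$NamePattern = '*JumpCloud*Remote Assist*',   # assumed display name
        [version]$FixedVersion = [version]'0.317.0'            # fixed version from the advisory
    )
    # Check both the native and the 32-bit (WOW6432Node) uninstall hives.
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    $entries = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $NamePattern }

    if (-not $entries) {
        # Not installed: nothing to patch, but report it so fleet output is complete.
        return [pscustomobject]@{
            Computer  = $env:COMPUTERNAME
            Installed = $false
            Version   = $null
            Patched   = $null
        }
    }

    foreach ($e in $entries) {
        $parsed = $null
        # DisplayVersion may carry a suffix (e.g. "-beta"); keep the numeric prefix only.
        $numeric = ($e.DisplayVersion -replace '[^0-9.].*$', '')
        $ok = [version]::TryParse($numeric, [ref]$parsed)
        [pscustomobject]@{
            Computer  = $env:COMPUTERNAME
            Installed = $true
            Version   = $e.DisplayVersion
            # $null means the version string could not be parsed and needs manual review.
            Patched   = if ($ok) { $parsed -ge $FixedVersion } else { $null }
        }
    }
}

# Run locally, or fan out with Invoke-Command for a fleet-wide report, e.g.:
# Invoke-Command -ComputerName (Get-Content .\hosts.txt) `
#     -ScriptBlock ${function:Test-JumpCloudRemoteAssistPatched}
Test-JumpCloudRemoteAssistPatched | Format-Table -AutoSize
```

Hosts reporting Installed = $true with Patched = $false (or $null) are the ones to prioritise for the 0.317.0 update.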
