CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-1683: Symbolic Link Exploit in Nomad module allows Arbitrary File Deletion

7.8 CVSS

Description

Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on a Windows system to delete arbitrary files on the device by exploiting symbolic links.

Classification

CVE ID: CVE-2025-1683

CVSS Base Severity: HIGH

CVSS Base Score: 7.8

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem Types

CWE-59 Improper Link Resolution Before File Access ('Link Following')

Affected Products

Vendor: 1E

Product: 1E Client

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 2.77% (scored less or equal to compared to others)

EPSS Date: 2025-04-10 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-1683
https://nvd.nist.gov/vuln/detail/CVE-2025-1683
https://www.1e.com/trust-security-compliance/cve-info/
https://cwe.mitre.org/data/definitions/59.html
https://capec.mitre.org/data/definitions/27.html

Timeline

2025-03-12 16:40:22 UTC
CVE

Symbolic Link Exploit in Nomad module allows Arbitrary File Deletion