CVE-2025-53841: Guardicore Local Privilege Escalation Vulnerability

Dec 09, 2025

Akamai InfoSec

Akamai has mitigated a local privilege escalation vulnerability in Akamai’s Guardicore Platform Agent for Windows. Updated versions containing a fix for this vulnerability have been available to all customers using Guardicore since the beginning of November 2025, and we strongly encourage all users who have not yet upgraded to do so.

Vulnerability details

The GC-AGENTS-SERVICE running as part of Akamai’s Guardicore Platform Agent on Windows was affected by a local privilege escalation vulnerability. The service attempted to read an OpenSSL configuration file from a nonexistent location that standard Windows users have default write access to. 

This allowed an unprivileged local user to create a crafted “openssl.cnf” file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. 

Since Guardicore Agent runs with SYSTEM privileges, this permitted an unprivileged user to fully elevate privileges to SYSTEM level in this manner.

This attack vector could only be exploited by a user with local access to the workstation or server; it is not remotely exploitable.

The vulnerability has been assigned CVE-2025-53841.
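
For defenders auditing other Windows services for the same class of weakness, the following check (an added example, not Akamai's code) reports whether broad non-administrative groups could create a configuration file at a path that does not exist yet. The function name and the path in the usage line are placeholders; the advisory does not name the affected location.

```powershell
# Added example: audits one path, changes nothing on disk.
function Get-LowPrivWriteExposure {
    param([Parameter(Mandatory)][string]$Path)

    # A missing file or directory is governed by the ACL of its nearest
    # existing ancestor: whoever may create entries there can supply the file.
    $probe = $Path
    while ($probe -and -not (Test-Path -LiteralPath $probe)) {
        $probe = Split-Path -Path $probe -Parent
    }
    if (-not $probe) { throw "No existing ancestor found for '$Path'" }

    # Well-known SIDs of broad, non-administrative groups.
    $lowPriv = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-32-545' = 'BUILTIN\Users'
        'S-1-5-4'      = 'INTERACTIVE'
    }
    # WriteData/AppendData are the same bits as CreateFiles/CreateDirectories.
    $fsWrite = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData'
    $generic = 0x50000000   # GENERIC_WRITE | GENERIC_ALL, as stored in some ACEs
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly

    $acl = Get-Acl -LiteralPath $probe
    foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
        # Deny ACEs are not evaluated here; treat any hit as a lead to verify.
        if ($rule.AccessControlType -ne 'Allow') { continue }
        # Inherit-only ACEs do not apply to the probed object itself.
        if ($rule.PropagationFlags.HasFlag($inheritOnly)) { continue }
        $sid = $rule.IdentityReference.Value
        if (-not $lowPriv.ContainsKey($sid)) { continue }
        if (([int]$rule.FileSystemRights -band ($fsWrite -bor $generic)) -eq 0) { continue }

        [pscustomobject]@{
            RequestedPath    = $Path
            PathExists       = ($probe -eq $Path)
            GoverningObject  = $probe
            Identity         = $lowPriv[$sid]
            Rights           = $rule.FileSystemRights
        }
    }
}

# Placeholder path: substitute the configuration path the service actually opens.
Get-LowPrivWriteExposure -Path 'C:\placeholder\ssl\openssl.cnf' | Format-Table -AutoSize
```

Any row returned means a standard user could populate the path; no output means none of the listed groups holds create or write rights on the governing object.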

Mitigation

For upgrade instructions and version details, please see our Knowledge Base article or reach out to us via the Akamai Control Center Portal with any questions.

Special thanks

This vulnerability was brought to our attention by Shadi Habbal from TÜV Rheinland i-sec GmbH. Akamai would like to thank Shadi and TÜV Rheinland for their professional cooperation and responsible disclosure.
