CVE-2025-66575 is an unquoted search path vulnerability (CWE-428) identified in VeePN's VeeVPN software version 1.6.1, specifically within the VeePNService. The vulnerability arises because the service executable path is not properly enclosed in quotation marks. On Windows systems, this can allow an attacker with local access to place a malicious executable in a directory that is parsed earlier in the unquoted path. When the system starts or reboots, the service attempts to execute the path, inadvertently running the attacker's code with LocalSystem privileges. This escalates the attacker's privileges from a standard user to the highest system level, enabling full control over the affected machine. The attack vector requires local access and user interaction, such as running a crafted service name or placing malicious files in specific directories. No authentication is required, and the vulnerability impacts confidentiality, integrity, and availability due to the potential for arbitrary code execution and system compromise. Although no public exploits are reported yet, the high CVSS score (8.5) reflects the significant risk posed by this vulnerability. The lack of an official patch at the time of disclosure increases the urgency for manual mitigations and monitoring.

For European organizations, the impact of CVE-2025-66575 is substantial. Exploitation can lead to full system compromise, allowing attackers to access sensitive data, disrupt services, or use compromised machines as footholds for lateral movement within networks. Organizations relying on VeeVPN 1.6.1 for secure remote access or internal communications face risks to confidentiality and integrity of their data. Critical sectors such as finance, healthcare, government, and critical infrastructure are particularly vulnerable due to the potential for escalated privileges leading to data breaches or operational disruption. The requirement for local access somewhat limits remote exploitation but does not eliminate risk, especially in environments where endpoint security is weak or insider threats exist. The absence of known exploits in the wild provides a window for proactive defense, but the high severity score underscores the need for immediate action to prevent exploitation.

1. Apply official patches from VeePN as soon as they become available to address the unquoted service path vulnerability. 2. In the absence of a patch, manually verify and correct the service executable path by enclosing it in quotation marks using Windows Service management tools or registry edits. 3. Restrict local user permissions to prevent unauthorized modification of service paths or placement of executables in directories referenced by the service path. 4. Implement endpoint detection and response (EDR) solutions to monitor for suspicious service modifications or unexpected executable launches during startup. 5. Conduct regular audits of installed VPN software versions across the organization to identify and remediate vulnerable instances. 6. Educate users about the risks of local privilege escalation and enforce strict access controls to limit local user capabilities. 7. Employ application whitelisting to prevent execution of unauthorized binaries in critical system paths. 8. Monitor system logs for anomalies related to service startup and executable path changes.