A critical security vulnerability affecting the JumpCloud Remote Assist for Windows agent has been identified, exposing managed endpoints to local privilege escalation and denial-of-service (DoS) attacks. The flaw, tracked as CVE-2025-34352, affects all versions of the agent released before 0.317.0 and stems from unsafe file operations performed during uninstallation.

Source: Infosecurity