Arbitrary Code Execution Vulnerability in Tunnelblick by The Tunnelblick Team
CVE-2025-43711

Currently unrated

Key Information:

Vendor: The Tunnelblick Team
Status: Tunnelblick
Vendor: CVE Published:; 5 July 2025

🔔 Create The Tunnelblick Team Vulnerability Alert

What is CVE-2025-43711?

A serious security flaw in Tunnelblick, a popular open-source VPN client for macOS, exists in versions before 7.0. When incompletely uninstalled, this vulnerability allows attackers to execute arbitrary code as root on the next system boot. This is achieved by placing a malicious Tunnelblick.app file in the /Applications directory. Users should ensure that they fully uninstall the application to mitigate potential risks associated with this threat.

References

https://tunnelblick.net/cCVE-2025-43711.html

https://tunnelblick.net/downloads.html

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 5, 2025