CVE-2025-34075 | HashiCorp Vagrant up to 2.3.x on Windows Configuration File /vagrant default permission

A vulnerability was found in HashiCorp Vagrant up to 2.3.x on Windows and classified as critical. Affected by this issue is some unknown functionality of the file /vagrant of the component Configuration File Handler. The manipulation leads to incorrect default permissions.

This vulnerability is handled as CVE-2025-34075. It is possible to launch the attack on the local host. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More