HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0.

HashiCorp Vagrant Insecure Operation on Windows Junction / Mount Point vulnerability