Securepoint: >> Openvpn-Client >> 2.0.18 Security Vulnerabilities
The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-10-30
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-06-28