Описание
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
Релиз | Статус | Примечание |
---|---|---|
devel | not-affected | Windows only |
esm-infra-legacy/trusty | not-affected | Windows only |
esm-infra/bionic | not-affected | Windows only |
esm-infra/focal | not-affected | Windows only |
esm-infra/xenial | not-affected | Windows only |
focal | not-affected | Windows only |
jammy | not-affected | Windows only |
mantic | not-affected | Windows only |
noble | not-affected | Windows only |
trusty/esm | not-affected | Windows only |
Показывать по
Ссылки на источники
EPSS
8.8 High
CVSS3
Связанные уязвимости
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, le ...
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
Уязвимость службы Interactive Service (iservice) клиента OpenVPN GUI программного обеспечения OpenVPN, позволяющая нарушителю получить несанкционированный доступ к учетной записи пользователя
EPSS
8.8 High
CVSS3