logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-35523

Description

Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.


Affected Software


CPE Name Name Version
securepoint:openvpn-client securepoint openvpn-client 2.0.32

Related