55 matches found
CVE-2022-50924
Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with...
CVE-2022-50924 Private Internet Access 3.3 - 'pia-service' Unquoted Service Path
Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with...
CVE-2022-50924
CVE-2022-50924 affects Private Internet Access 3.3, specifically the pia-service unquoted service path. The unquoted path in the service configuration allows a local attacker to inject code that would run with LocalSystem privileges during service startup, enabling potentially arbitrary code exec...
CVE-2022-50924 Private Internet Access 3.3 - 'pia-service' Unquoted Service Path
Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with...
Private Internet Access 代码问题漏洞
Private Internet Access PIA is a VPN software from Private Internet Access, Inc. A code issue vulnerability exists in Private Internet Access PIA version 3.3, which stems from the presence of unquoted paths in the service configuration that could lead to the execution of arbitrary code by a local...
PT-2026-2400
Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would execute with...
CVE-2019-12578
A vulnerability in the London Trust Media Private Internet Access PIA VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpnlauncher.64 binary is setuid root. This binary executes /opt/pia/openvpn-64/openvpn, passing the...
CVE-2019-12573
A vulnerability in the London Trust Media Private Internet Access PIA VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to overwrite arbitrary files. The openvpnlauncher binary is setuid root. This binary supports the --log option, which accepts a path as an argument...
CVE-2019-12577
A vulnerability in the London Trust Media Private Internet Access PIA VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The macOS binary openvpnlauncher.64 is setuid root. This binary creates /tmp/piaupscript.sh when executed...
How private is your VPN?
When you're shopping around for a Virtual Private Network VPN you'll find yourself in a sea of promises like "military-grade encryption!" and "total anonymity!" You can’t scroll two inches without someone waving around these fancy terms. But not all VPNs can be trusted. Some VPNs genuinely protec...
EUVD-2019-4165
Malware in sbrugna...
EUVD-2019-4170
Malware in sbrugna...
EUVD-2020-7577
Malware in sbrugna...
EUVD-2019-4166
Malware in sbrugna...
EUVD-2019-4172
Malware in sbrugna...
CVE-2019-12575
A vulnerability in the London Trust Media Private Internet Access PIA VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The rootrunner.64 binary is setuid root. This binary executes /opt/pia/ruby/64/ruby, which in turn attempts t...
Private Internet Access 3.3 Unquoted Service Path
Exploit Title: Private Internet Access 3.3 - 'pia-service' Unquoted Service Path Date: 04/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.privateinternetaccess.com Software Link: https://www.privateinternetaccess.com/download Version: 3.3.0.100 Tested: Windows 10 x64 Contact:...
Private Internet Access 3.3 - (pia-service) Unquoted Service Path Vulnerability
Exploit Title: Private Internet Access 3.3 - 'pia-service' Unquoted Service Path Exploit Author: Saud Alenazi Vendor Homepage: https://www.privateinternetaccess.com Software Link: https://www.privateinternetaccess.com/download Version: 3.3.0.100 Tested: Windows 10 x64 Contact:...
Private Internet Access 3.3 - 'pia-service' Unquoted Service Path
Exploit Title: Private Internet Access 3.3 - 'pia-service' Unquoted Service Path Date: 04/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.privateinternetaccess.com Software Link: https://www.privateinternetaccess.com/download Version: 3.3.0.100 Tested: Windows 10 x64 Contact:...
CVE-2020-15590
A vulnerability in the Private Internet Access PIA VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. Th...