Lucene search
K

49 matches found

Positive Technologies
Positive Technologies
added 2018/09/07 12:0 a.m.3 views

PT-2018-1557 · Protonvpn · Protonvpn Vpn Client

Name of the Vulnerable Software and Affected Versions: ProtonVPN VPN client version 1.5.1 Description: A code execution issue exists in the connect functionality of the ProtonVPN VPN client, allowing for privilege escalation. This can be triggered by a specially crafted configuration file, enabli...

9.3CVSS8.6AI score0.04651EPSS
Exploits2References7
Talos
Talos
added 2018/09/07 12:0 a.m.72 views

ProtonVPN VPN client connect privilege escalation vulnerability

Summary An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system’s privileges. Tested Versions...

10CVSS8.7AI score0.02538EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/06/14 12:0 a.m.10 views

The vulnerability of the ProtonVPN Service software, a VPN service for accessing ProtonVPN, allows a perpetrator to execute arbitrary code with SYSTEM privileges.

The vulnerability of the ProtonVPN service is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands with SYSTEM privileges using a single OpenVPN command line...

10CVSS5.9AI score0.02538EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/04/17 12:0 a.m.5 views

ProtonVPN Elevation of Privilege Vulnerability

ProtonVPN for Windows is a free Windows-based VPN software for anonymous access to the Internet. A power lifting vulnerability exists in version 1.3.3 of ProtonVPN for Windows-based platforms, which stems from a NetNamedPipe endpoint created by the 'ProtonVPN Service' service that allows arbitrar...

10CVSS7.4AI score0.02538EPSS
Exploits0References1
OSV
OSV
added 2018/04/16 9:29 p.m.4 views

CVE-2018-10169

ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a...

9.8CVSS6AI score0.02538EPSS
Exploits0References1
Prion
Prion
added 2018/04/16 9:29 p.m.24 views

Privilege escalation

ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a...

10CVSS9.8AI score0.02538EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/04/16 9:29 p.m.24 views

CVE-2018-10169

ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a...

10CVSS9.8AI score0.02538EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/04/16 9:0 p.m.27 views

CVE-2018-10169

ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a...

8.6AI score0.02538EPSS
Exploits0References1
CVE
CVE
added 2018/04/16 9:0 p.m.73 views

CVE-2018-10169

Concretely, CVE-2018-10169 affects ProtonVPN for Windows (ProtonVPN 1.3.3) via the ProtonVPN Service. The service exposes a NetNamedPipe endpoint; the Connect method passes an OpenVPN configuration to a helper that runs with SYSTEM privileges. An attacker can inject a malicious OpenVPN config (e....

10CVSS8.6AI score0.02538EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder