CVE-2013-3496

Infotecs ViPNet Client 3.2.10 15632 and earlier, ViPNet Coordinator 3.2.10 15632 and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 0.5643 and earlier use weak permissions Everyone: Full Control for a folder under %PROGRAMFILES%\Infotecs, which allows local users to ga...

The vulnerability of the update mechanism of the software-hardware protection system ViPNet Client 4 allows a perpetrator to execute software that simulates an update.

The vulnerability of the software-hardware protection mechanism ViPNet Client 4 is related to the insufficient number of verifications of the legitimacy of updates sent via the mftp transport protocol. This vulnerability can only be exploited by a internal intruder with elevated privileges who...

PT-2025-19288 · Оао 'Инфотекс' · Vipnet Client

Уязвимость механизма обновления программно-аппаратного комплекса защиты информации ViPNet Client 4 связана с недостаточным количеством проверок легитимности конверта обновления, распространяемого по транспортному протоколу mftp. Эксплуатация уязвимости возможна только для внутреннего нарушителя,...

The vulnerability of the binary file control system of the software-hardware protection complex ViPNet Client allows a perpetrator to execute arbitrary code with administrator privileges.

The vulnerability of the binary file control system of the ViPNet Client software lies in the lack of access control mechanisms. Exploiting this vulnerability allows an attacker to execute arbitrary code with administrator privileges using a specially crafted DLL file placed in the ViPNet Client...

SUSE CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...

The vulnerability of the ViPNet Client’s software-hardware protection system lies in its ability to replace the dynamic library, allowing an attacker to execute arbitrary code.

The vulnerability of the ViPNet Client software lies in the possibility of replacing the dynamic library. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted dynamic library...

The vulnerability of the function for checking update files of the software-hardware information protection system ViPNet Client allows a perpetrator to install malicious software.

The vulnerability of the update file checking function of the ViPNet Client software lies in the weak verification of the digital signatures of these files. Exploiting this vulnerability could allow attackers to install malicious software...

Infotecs ViPNet Client and Coordinator Privilege Access Control Vulnerability

Infotecs ViPNet Client and Coordinator are both products of Infotecs, a German company. Infotecs ViPNet Client is the client side of a software-based VPN solution; Coordinator is the server side. A security vulnerability exists in Infotecs ViPNet Client and Coordinator that stems from incorrect...

CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...

CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...