EUVD-2020-20028

Malware in sbrugna...

CVE-2020-27518

All versions of Windscribe VPN for Mac and Windows = v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM...

Windscribe elevation of privilege vulnerability (CNVD-2021-39545)

Windscribe VPN is a VPN software from Windscribe Canada. An elevation of privilege vulnerability exists in Windscribe version 1.83 Build 20. An attacker can exploit this vulnerability for elevation of privilege...

CVE-2020-27518

All versions of Windscribe VPN for Mac and Windows = v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM...

CVE-2020-27518

All versions of Windscribe VPN for Mac and Windows = v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM...

Privilege escalation

All versions of Windscribe VPN for Mac and Windows = v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM...

CVE-2020-27518

CVE-2020-27518 concerns Windscribe VPN for Mac and Windows, versions

Windscribe - WindscribeService Named Pipe Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windscribe WindscribeService Named Pipe Privilege Escalation', 'Description' = %q The Windscribe VPN client application for Windows makes use of ...

Windscribe WindscribeService Named Pipe Privilege Escalation

The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...

CVE-2018-11479

The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processe...

Code injection

The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processe...

Windscribe 1.81 Code Execution

Vulnerability description: The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVP...