12 matches found
EUVD-2020-20028
Malware in sbrugna...
CVE-2020-27518
All versions of Windscribe VPN for Mac and Windows = v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM...
Windscribe elevation of privilege vulnerability (CNVD-2021-39545)
Windscribe VPN is a VPN software from Windscribe Canada. An elevation of privilege vulnerability exists in Windscribe version 1.83 Build 20. An attacker can exploit this vulnerability for elevation of privilege...
CVE-2020-27518
All versions of Windscribe VPN for Mac and Windows = v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM...
CVE-2020-27518
All versions of Windscribe VPN for Mac and Windows = v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM...
Privilege escalation
All versions of Windscribe VPN for Mac and Windows = v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM...
CVE-2020-27518
CVE-2020-27518 concerns Windscribe VPN for Mac and Windows, versions
Windscribe - WindscribeService Named Pipe Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windscribe WindscribeService Named Pipe Privilege Escalation', 'Description' = %q The Windscribe VPN client application for Windows makes use of ...
Windscribe WindscribeService Named Pipe Privilege Escalation
The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...
Code injection
The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processe...
CVE-2018-11479
The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processe...
Windscribe 1.81 Code Execution
Vulnerability description: The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVP...