2 matches found
CVE-2022-0517
Mozilla VPN is affected by a local privilege escalation vulnerability where an OpenSSL configuration file can be loaded from an unsecured directory. This allows a user or low-privilege attacker to execute arbitrary code with SYSTEM privileges on affected builds prior to 2.7.1. Remediation is to u...
CVE-2022-0517
Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN 2.7.1...