EUVD-2017-18537

Malware in sbrugna...

CVE-2013-3496

Infotecs ViPNet Client 3.2.10 15632 and earlier, ViPNet Coordinator 3.2.10 15632 and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 0.5643 and earlier use weak permissions Everyone: Full Control for a folder under %PROGRAMFILES%\Infotecs, which allows local users to ga...

The vulnerability of the update mechanism of the software-hardware protection system ViPNet Client 4 allows a perpetrator to execute software that simulates an update.

The vulnerability of the software-hardware protection mechanism ViPNet Client 4 is related to the insufficient number of verifications of the legitimacy of updates sent via the mftp transport protocol. This vulnerability can only be exploited by a internal intruder with elevated privileges who...

Russian organizations targeted by backdoor masquerading as secure networking software updates

As we were looking into a cyberincident in April 2025, we uncovered a rather sophisticated backdoor. It targeted various large organizations in Russia, spanning the government, finance, and industrial sectors. While our investigation into the attack associated with the backdoor is still ongoing, ...

PT-2025-19288 · Оао 'Инфотекс' · Vipnet Client

Уязвимость механизма обновления программно-аппаратного комплекса защиты информации ViPNet Client 4 связана с недостаточным количеством проверок легитимности конверта обновления, распространяемого по транспортному протоколу mftp. Эксплуатация уязвимости возможна только для внутреннего нарушителя,...

The vulnerability of the binary file control system of the software-hardware protection complex ViPNet Client allows a perpetrator to execute arbitrary code with administrator privileges.

The vulnerability of the binary file control system of the ViPNet Client software lies in the lack of access control mechanisms. Exploiting this vulnerability allows an attacker to execute arbitrary code with administrator privileges using a specially crafted DLL file placed in the ViPNet Client...

SUSE CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...

InfoTeCS / Protelion ViPNet Client Detection (Windows SMB Login)

SMB login-based detection of InfoTeCS / Protelion ViPNet Client. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

The vulnerability of the ViPNet Client’s software-hardware protection system lies in its ability to replace the dynamic library, allowing an attacker to execute arbitrary code.

The vulnerability of the ViPNet Client software lies in the possibility of replacing the dynamic library. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted dynamic library...

The vulnerability of the function for checking update files of the software-hardware information protection system ViPNet Client allows a perpetrator to install malicious software.

The vulnerability of the update file checking function of the ViPNet Client software lies in the weak verification of the digital signatures of these files. Exploiting this vulnerability could allow attackers to install malicious software...

The vulnerabilities of the ViPNet Coordinator HW 4 and ViPNet Coordinator KB 4 systems, related to insufficient validation of input data, allow attackers to exploit these systems to exhaust network resources by combining deleted attacks with the use of fragmented packets.

The vulnerabilities of the ViPNet Coordinator HW 4 and ViPNet Coordinator KB 4 are related to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to cause network resources to be exhausted, resulting in a reboot of the ViPNet Coordinator due to an internal...

The vulnerability of the software-hardware protection system VipNet Coordinator, which allows a perpetrator to trigger a service failure.

The vulnerability of the VipNet Coordinator HW software architecture related to information protection is linked to memory overflow in the hard drive. Exploiting this vulnerability allows a malicious actor to disrupt the MFTP protocol-based information exchange between all nodes of the ViPNet...

The vulnerability of the DLL-file loading mechanism of the cryptographic protection tool ViPNet Coordinator, which allows a hacker to execute arbitrary code with administrator privileges.

The vulnerability of the DLL file loading mechanism of the cryptographic protection tool ViPNet Coordinator is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code with administrator privileges using a specially crafted DLL file...

Infotecs ViPNet Client and Coordinator Privilege Access Control Vulnerability

Infotecs ViPNet Client and Coordinator are both products of Infotecs, a German company. Infotecs ViPNet Client is the client side of a software-based VPN solution; Coordinator is the server side. A security vulnerability exists in Infotecs ViPNet Client and Coordinator that stems from incorrect...

CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...

CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...

CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...

Design/Logic Flaw

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...

CVE-2017-9606

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks...

CVE-2017-9606

CVE-2017-9606 affects Infotecs ViPNet Client and Coordinator prior to 4.3.2-42442. The vulnerability allows a local attacker to gain privileges by placing a Trojan horse ViPNet update file in the update folder. Root cause is incorrect folder permissions combined with insufficient integrity and au...