CVE-2018-10204
Last modified
CVE-2018-10204 is a vulnerability of currently unknown severity. PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. When configured to use the OpenVPN protocol, the "sevpnclient" service executes "openvpn.exe" using the OpenVPN config file located at %PROGRAMDATA%\purevpn\config\config.ovpn. EPSS estimates a 1.54% chance of exploitation in the next 30 days.
Description
PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. When configured to use the OpenVPN protocol, the "sevpnclient" service executes "openvpn.exe" using the OpenVPN config file located at %PROGRAMDATA%\purevpn\config\config.ovpn. This file allows "Write" permissions to users in the "Everyone" group. An authenticated attacker may modify this file to specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM account.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Purevpn | Purevpn | 6.0.1 |
References
- https://github.com/VerSprite/research/blob/master/advisories/VS-2018-021.mdThird Party Advisory
- https://github.com/VerSprite/research/blob/master/advisories/VS-2018-021.mdThird Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-10204?
How severe is CVE-2018-10204?
How do I fix CVE-2018-10204?
Are you affected by CVE-2018-10204?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST