RSS   Vulnerabilities for 'Connect'   RSS

2021-07-02
 
CVE-2021-3613

CWE-427
 

 
OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (OpenVPNConnect.exe).

 
2021-03-30
 
CVE-2020-15075

CWE-59
 

 
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in /tmp.

 

 >>> Vendor: Openvpn 4 Products
Openvpn
Openvpn access server
Connect
Private tunnel


Copyright 2022, cxsecurity.com

 

Back to Top