CVE-2018-10204

PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. When configured to use the OpenVPN protocol, the "sevpnclient" service executes "openvpn.exe" using the OpenVPN config file located at %PROGRAMDATA%purevpnconfigconfig.ovpn. This file allows "Write" permissions to users in the "Everyone" group. An authenticated attacker may modify this file to specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM account.
Configurations

Configuration 1

cpe:2.3:a:purevpn:purevpn:6.0.1:*:*:*:*:windows:*:*

Information

Published : 2018-04-18 09:29

Updated : 2019-10-03 12:03


NVD link : CVE-2018-10204

Mitre link : CVE-2018-10204

Products Affected
No products.
CWE