CVE-2020-9442

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%OpenVPN Connectdriverstapamd64win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.
References
Link Resource
https://github.com/hessandrew/CVE-2020-9442 Exploit Third Party Advisory
Configurations

Configuration 1


Information

Published : 2020-02-28 02:15

Updated : 2020-03-03 04:30


NVD link : CVE-2020-9442

Mitre link : CVE-2020-9442

Products Affected
No products.
CWE
CWE-281

Improper Preservation of Permissions