📦

openvpn-client

Vendor: securepoint

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.16% Exploit Prob.

Latest CVE CVE-2023-47101 Oct 30

Security Vulnerability Index

Page 1 / 1

7.8 CVSS

CVE-2023-47101

The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair.

EPSS: 0.07%

Severity: HIGH

Oct 30, 2023

8.8 CVSS

CVE-2021-27406

An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into initializing a new open-VPN instance with arbitrary open-VPN configuration. This could result in the attacker achieving execution with privileges of a SYSTEM user.

EPSS: 0.27%

Severity: HIGH

Oct 14, 2022

7.8 CVSS

CVE-2021-35523

Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.

EPSS: 0.15%

Severity: HIGH

Jun 28, 2021

Displaying 3 of 2 Total Entries

Total 1 Sections