0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation Vulnerability

Author

Florian Bogner

Risk

[

Security Risk High

]

0day-ID

Category

Date add

CVE

Platform

Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30

Metadata
===================================================
Release Date: 29-Jun-2021
Author: Florian Bogner @ https://bee-itsecurity.at
Affected product:  Securepoint SSL VPN Client 
Fixed in: version 2.0.32
Tested on: Windows 10 x64 fully patched
CVE:  CVE-2021-35523
URL: https://bogner.sh/2021/06/local-privilege-escalation-in-securepoint-ssl-vpn-client-2-0-30/
Vulnerability Status: Fixed with new release

Vulnerability Description (copied from the CVE Details)
===================================================
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.

A full vulnerability description is available here: https://bogner.sh/2021/06/local-privilege-escalation-in-securepoint-ssl-vpn-client-2-0-30/ 

Suggested Solution
===================================================
End-users should update to the latest available version.

Disclosure Timeline
===================================================
14.04.2021: The vulnerability was discovered and reported to security@securepoint.de
15.04.2021: The report was triaged
26.04.2021: Securepoint SSL VPN Client Version 2.0.32 was released, which contains an initial fix for the vulnerability
23.06.2021: Securepoint SSL VPN Client Version 2.0.34 was released, which contains additional security measures.
28.06.2021: CVE-2021-35523 was assigned: https://nvd.nist.gov/vuln/detail/CVE-2021-35523 
29.06.2021: Responsible disclosure in cooperation with Securepoint: https://github.com/Securepoint/openvpn-client/security/advisories/GHSA-v8p8-4w8f-qh34


#  0day.today [2024-11-16]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation Vulnerability

Report Error

Report Error