Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openvpn openvpn 2.1.28.0 |
||
privatetunnel privatetunnel 2.3.8 |