Securepoint SSL VPN Client v2 prior to 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
securepoint openvpn-client |