Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-0517

Published: 22/12/2022 Updated: 29/12/2022
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Vpn

Vulnerability Summary

Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla vpn

Vendor Advisories

Mozilla: Mozilla VPN local privilege escalation vis uncontrolled OpenSSL search path
Mozilla Foundation Security Advisory 2022-08 Mozilla VPN local privilege escalation vis uncontrolled OpenSSL search path Announced February 23, 2022 Impact high Products Mozilla VPN Fixed in Mozilla VPN ...

References

CWE-434https://bugzilla.mozilla.org/show_bug.cgi?id=1752291https://www.mozilla.org/security/advisories/mfsa2022-08/https://nvd.nist.govhttps://www.mozilla.org/en-US/security/advisories/mfsa2022-08/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook