Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2022-25165

Published: 14/04/2022 Updated: 13/05/2022
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1
VMScore: 615
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Amazon

Vulnerability Summary

An issue exists in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service (running as SYSTEM) processing the file. Dangerous arguments can be injected by a low-level user such as log, which allows an arbitrary destination to be specified for writing log files. This leads to an arbitrary file write as SYSTEM with partial control over the files content. This can be abused to cause an elevation of privilege or denial of service.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

amazon aws client vpn 2.0.0

Github Repositories

https://github.com/zlw9991/netflix-password-sharing-with-vpn-risks

work in progress

Netflix Password Sharing With Vpn Risks / vulnerabilities Table of contents 1Situation 2Risk 3Proof of concept Situation As of JAN 31, 2023, Netflix has decided to crackdown on password sharing Specifically: Users must log in to Netflix via their primary location's Wi-Fi network once every 31 days Methods to circumvent this involve the usage of VPNs, nam

https://github.com/Jaikumar3/Cloud-Security-Attacks

Cloud Security - Attacks AWS Privilege Escalation to SYSTEM in AWS VPN Client rhinosecuritylabscom/aws/cve-2022-25165-aws-vpn-client/ AWS WorkSpaces Remote Code Execution rhinosecuritylabscom/aws/cve-2021-38112-aws-workspaces-rce/ Resource Injection in CloudFormation Templates rhinosecuritylabscom/aws/cloud-malware-cloudformation-injection/ Down

https://github.com/Mehedi-Babu/security_attacks_cloud

Cloud Security - Attacks AWS Privilege Escalation to SYSTEM in AWS VPN Client rhinosecuritylabscom/aws/cve-2022-25165-aws-vpn-client/ AWS WorkSpaces Remote Code Execution rhinosecuritylabscom/aws/cve-2021-38112-aws-workspaces-rce/ Resource Injection in CloudFormation Templates rhinosecuritylabscom/aws/cloud-malware-cloudformation-injection/ Down

https://github.com/CyberSecurityUP/Cloud-Security-Attacks

Azure and AWS Attacks

Cloud Security - Attacks AWS Privilege Escalation to SYSTEM in AWS VPN Client rhinosecuritylabscom/aws/cve-2022-25165-aws-vpn-client/ AWS WorkSpaces Remote Code Execution rhinosecuritylabscom/aws/cve-2021-38112-aws-workspaces-rce/ Resource Injection in CloudFormation Templates rhinosecuritylabscom/aws/cloud-malware-cloudformation-injection/ Down

References

CWE-367https://rhinosecuritylabs.com/aws/cve-2022-25165-aws-vpn-client/https://github.com/RhinoSecurityLabs/CVEshttps://nvd.nist.govhttps://github.com/zlw9991/netflix-password-sharing-with-vpn-risks
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook