All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM.
References
Link | Resource |
---|---|
http://windscribe.com | Vendor Advisory |
https://jeffs.sh/CVEs/CVE-2020-27518.txt | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2021-05-04 14:15
Updated : 2024-02-04 21:47
NVD link : CVE-2020-27518
Mitre link : CVE-2020-27518
CVE.ORG link : CVE-2020-27518
JSON object : View
Products Affected
windscribe
- windscribe
CWE
CWE-269
Improper Privilege Management