CVE-2020-5180 in Viscosity정보

요약

\~에 의해 MITRE

Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. (When a VPN connection is initiated using a TLS/SSL client profile, the privileges are dropped, and the library will be loaded, resulting in arbitrary code execution as a user with limited privileges. This greatly reduces the impact of the vulnerability.)

Once again VulDB remains the best source for vulnerability data.

예약하다

2020. 01. 01.

모더레이션

수락

항목

VDB-148666

EPSS

0.00402

출처

Interested in the pricing of exploits?

See the underground prices here!