CVE-2021-35523
HIGHSecurepoint SSL VPN Client v2 < 2.0.32 - Privilege Escalation
Title source: llmDescription
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
https://github.com/Securepoint/openvpn-client/security/advisories/GHSA-v8p8-4w8f-qh34
Exploit, Third Party Advisory x_refsource_misc
https://bogner.sh/2021/04/local-privilege-escalation-in-securepoint-ssl-vpn-client-2-0-30/
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2021/Jun/59
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/163320/Securepoint-SSL-VPN-Client-2.0.30-Local-Privilege-Escalation.html
Scores
CVSS v3
7.8
EPSS
0.0071
EPSS Percentile
48.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (1)
securepoint/openvpn-client
2.0.15 - 2.0.32
Published
Jun 28, 2021
Tracked Since
Feb 18, 2026