CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file.
Vendor | Product | Version | CPE |
---|---|---|---|
infotecs | vipnet_client | * | cpe:2.3:a:infotecs:vipnet_client:*:*:*:*:*:*:*:* |
infotecs | vipnet_coordinator | * | cpe:2.3:a:infotecs:vipnet_coordinator:*:*:*:*:*:*:*:* |
infotecs | vipnet_personal_firewall | * | cpe:2.3:a:infotecs:vipnet_personal_firewall:*:*:*:*:*:*:*:* |
infotecs | vipnet_safedisk | * | cpe:2.3:a:infotecs:vipnet_safedisk:*:*:*:*:*:*:*:* |