CVE-2020-15076

2021-05-2618:17:57

CWE-61

OpenVPN

www.cve.org

private tunnel

macos

critical files

symlinks

AI Score

7.6

Confidence

High

EPSS

Percentile

12.6%

JSON

Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical files it should not have access via symlinks in /tmp.

CNA Affected

[
  {
    "product": "Private Tunnel",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "3.0.1 and prior versions"
      }
    ]
  }
]

References

swupdate.openvpn.net/downloads/privatetunnel/changelog.txt