Lucene search
MitreCVELIST:CVE-2020-27519HistoryApr 30, 2021 - 1:16 p.m.
CVE-2020-27519
2021-04-3013:16:08
mitre
www.cve.org
1
0.0004 Low
EPSS
Percentile
5.1%
Pritunl Client v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. The attack vector is: malicious openvpn config. A local attacker could leverage the log and log-append along with log injection to create or append to privileged script files and execute code as root/SYSTEM.
References
github.com/pritunl/pritunl-client-electron/commit/87ceeae9b8ee415541d7d71de10675e699a76e5e
github.com/pritunl/pritunl-client-electron/commit/87ceeae9b8ee415541d7d71de10675e699a76e5e#diff-5c6a264bee3576f2a147b8db70332e9a16dd43d073782cf6d32a372abb22b899
github.com/pritunl/pritunl-client-electron/commit/c0aeb159351e5e99d752c27b87133eca299bdfce
Related
veracode
veracode
Privilege Escalation
2021-05-03 13:24:31
prion
prion
Privilege escalation
2021-04-30 14:15:00
cve
cve
CVE-2020-27519
2021-04-30 14:15:08
nvd
nvd
CVE-2020-27519
2021-04-30 14:15:08
osv
osv
CVE-2020-27519
2021-04-30 14:15:08