Rewterz Threat Advisory – CVE-2021-32723 – Node.js prismjs module Vulnerability
June 29, 2021Rewterz Threat Alert – REvil Ransomware Linux version –Active IOCs
June 29, 2021Rewterz Threat Advisory – CVE-2021-32723 – Node.js prismjs module Vulnerability
June 29, 2021Rewterz Threat Alert – REvil Ransomware Linux version –Active IOCs
June 29, 2021Severity
High
Analysis Summary
CVE-2021-35523
Securepoint SSL VPN Client could allow an authenticated attacker to gain elevated privileges on the system, caused by an unsafe configuration handling flaw. By modifying the OpenVPN configuration stored under “%APPDATA%\Securepoint SSL VPN”, an authenticated attacker could exploit this vulnerability to gain elevated privilege as SYSTEM.
Impact
- Privilege Escalation
Affected Vendors
SecurePoint
Affected Products
- Securepoint SSL VPN Client 2.0.31
Remediation
Upgrade to the latest version of SSL VPN Client (2.0.32 or later), available from the VPN Client GIT Repository.
https://github.com/Securepoint/openvpn-client/security/advisories/GHSA-v8p8-4w8f-qh34