CVE-2023-7235: OpenVPN 2.x GUI privilege escalation possible if installed outside default installation path on Windows
When OpenVPN 2 GUI is installed on Windows into a non-standard installation directory, access control on that directory is not properly restricted. Because Windows applies very open permissions by default, any directory outside the standard system paths is writable by anyone. This enables an attacker to replace the OpenVPN service component with other code, giving the attacker more control over the host the next time the OpenVPN service process is restarted.
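To check whether an existing installation is exposed, the following PowerShell audit lists the access-control entries that let non-administrative principals write to the install directory or to the executables and DLLs inside it. It is an added example, not code from the OpenVPN project or the advisory. The function name `Get-WritableByNonAdmin`, the path `D:\Apps\OpenVPN`, and the list of principals expected to hold write access are assumptions made for illustration.

```powershell
# Added example: list Allow ACEs that give non-administrative principals
# write-type access to an install directory and the binaries in it.
function Get-WritableByNonAdmin {
    param([Parameter(Mandatory)] [string] $Path)

    # Write-type rights only; Modify and FullControl are caught because they include these bits.
    $writeBits = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    # Raw GENERIC_WRITE / GENERIC_ALL, which Get-Acl can return unmapped on inherit-only ACEs.
    $genericBits = 0x40000000 -bor 0x10000000

    # Assumption: principals expected to hold write access are SYSTEM, Administrators
    # and TrustedInstaller. CREATOR OWNER (S-1-3-0) is skipped because it is only a
    # template applied to whoever creates a new object.
    $expected = @(
        'S-1-5-18', 'S-1-5-32-544', 'S-1-3-0',
        'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
    )

    $items = @(Get-Item -LiteralPath $Path)
    $items += Get-ChildItem -LiteralPath $Path -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in '.exe', '.dll' }

    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName
        # Ask for SIDs directly so unresolvable accounts do not break the comparison.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($ace in $rules) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($ace.IdentityReference.Value -in $expected) { continue }
            $rights = [int]$ace.FileSystemRights
            if (($rights -band $writeBits) -or ($rights -band $genericBits)) {
                [pscustomobject]@{
                    Path   = $item.FullName
                    Sid    = $ace.IdentityReference.Value
                    Rights = $ace.FileSystemRights
                }
            }
        }
    }
}

# Placeholder path (constructed); substitute the directory chosen at install time.
Get-WritableByNonAdmin -Path 'D:\Apps\OpenVPN' | Format-Table -AutoSize
```

An empty result means no unexpected principal holds write-type rights on the audited items; any row returned identifies an entry to remove or tighten.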
References
- Release notes: https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07456.html
- CVE record: https://www.cve.org/CVERecord?id=CVE-2023-7235
- Reported by: Will Dormann (Analygence, Inc)
Last modified on 02/20/24 19:24:31