CVE-2021-31776

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.

Reference Links(if available):

  • https://docs.aviatrix.com/Downloads/samlclient.html
  • https://docs.aviatrix.com/Downloads/samlclient.html#windows-win
  • https://docs.aviatrix.com/HowTos/changelog.html#aviatrix-vpn-client-changelog
  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)