low

Privilege Escalation to SYSTEM in AWS VPN Client

Published Tue, Apr 12th, 2022
Platforms

Summary

The AWS VPN Client application is affected by an arbitrary file write as SYSTEM, which can lead to privilege escalation and an information disclosure vulnerability that allows the user's Net-NTLMv2 hash to be leaked via a UNC path in a VPN configuration file.

Affected Services

VPN

Remediation

Update the client to version 3.0.0.

Tracked CVEs

CVE-2022-25165

References

Disclosure Date
Tue, Feb 15th, 2022
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Discovered by
David Yesland, Rhino Security