low

Privilege Escalation to SYSTEM in AWS VPN Client

Published Tue, Apr 12th, 2022

Platforms

Summary

The AWS VPN Client application is affected by an arbitrary file write as SYSTEM, which can lead to privilege escalation and an information disclosure vulnerability that allows the user's Net-NTLMv2 hash to be leaked via a UNC path in a VPN configuration file.

Affected Services

VPN

Remediation

Update the client to version 3.0.0.

Tracked CVEs

CVE-2022-25165

References

https://rhinosecuritylabs.com/aws/cve-2022-25165-aws-vpn-client/https://aws.amazon.com/security/security-bulletins/AWS-2022-005/

Contributed by https://github.com/0xdabbad00

Entry Status

Finalized

Disclosure Date

Tue, Feb 15th, 2022

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

David Yesland, Rhino Security

More vulnerabilities...

high

AWS RDS local file read

A vulnerability was discovered in the Aurora PostgreSQL log_fdw extension for Amazon Relational Database Service (RDS), allowing an attacker to read files on the EC2 host and obtain credentials for...

Gafnit Amiga, LightspinApr 11, 2022

low

Azure AD information disclosure via undocumented APIs

Undocumented Azure AD APIs could allow access to internal information of any organization that uses Azure AD. Collected details included licensing information, mailbox information, and directory sy...

SecureworksApr 5, 2022

medium

GKE Sandbox side channel attack

There was a misconfiguration with Simultaneous Multi-Threading (SMT), also known as Hyper-threading, in GKE Sandbox images, causing nodes to be potentially exposed to side channel attacks such as M...

Mar 22, 2022

View all