Vulnerability in the Aviatrix VPN client, since patched, gives an attacker unlimited access to a breached system.
A VPN vulnerability that provided both initial access to a victim's computer and privilege escalation once access was granted has been disclosed. The vulnerability in the Aviatrix VPN client, used by large organizations such as NASA and Shell, has been patched in all versions and is available for download.
Immersive Labs researcher and content engineer Alex Seymour discovered the vulnerability in early October. After noting evidence that a pair of Web servers were launched during the VPN client's open sequence, he found the servers and the Python used to create them had known issues, especially with the very lax permissions given the servers during the sequence.
Seymour was able to show proof of the privilege escalation that would allow an attacker to run essentially any random code desired on the targeted machine. Aviatrix responded to the notice of the breach and patched the vulnerability in less than a month. Both Aviatrix and Seymour recommend that all Aviatrix VPN client users update to the latest version as soon as possible.
Read more here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "10 Security 'Chestnuts' We Should Roast Over the Open Fire."
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024