Two local privilege escalation vulnerabilities have been identified by a researcher in an enterprise VPN product from cloud-native networking solutions provider Aviatrix.
Aviatrix claims to have over 400 customers worldwide, including companies such as Netflix, United Airlines, Docker, Epsilon, and some major hotel chains.
Immersive Labs researcher Alex Seymour discovered that the Aviatrix VPN, which is based on OpenVPN, is affected by two vulnerabilities. The weaknesses were reported to the vendor in early October and patched less than one month later with the release of version 2.4.10.
The vulnerabilities allow an attacker who already has access to the targeted machine to elevate privileges and gain access to data and services they may not be able to access with the permissions of a regular user.
One of the privilege escalation flaws, tracked as CVE-2019-17388, is caused by weak file permissions, while the other, tracked as CVE-2019-17387, involves service code execution. They both allow an attacker to execute arbitrary code with elevated privileges.
“Coming hot on the heels of the UK and US Government warnings about VPN vulnerabilities, this underlines that often the technology protecting enterprises needs to be managed as tightly as the people using it,” Seymour explained. “People tend to think of their VPN as one of the more secure elements of their security posture, so it should be a bit of a wakeup call for the industry.”
Immersive Labs has published a blog post containing technical details for both vulnerabilities.
In an advisory published for these vulnerabilities, Aviatrix clarified that only the local machine running the VPN Client is affected — they do not impact the VPN Gateway or machines running other OpenVPN-compatible VPN clients, and they would be useless to attackers who already have administrator privileges on the targeted system. The attacks work on all operating systems supported by Aviatrix.
Threat actors have been known to exploit vulnerabilities in enterprise VPNs, and while the Aviatrix flaws might seem less attractive for hackers, they should not be ignored and the vendor has advised customers to update the client immediately.
Related: VPN Connection Hijacking Vulnerability Affects Linux, Unix Systems
Related: Enterprise VPN Vulnerabilities Expose Organizations to Hacking, Espionage
Related: Vulnerability Patched in Forcepoint VPN Client for Windows
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
- UK Car Retailer Arnold Clark Hit by Ransomware
- EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
- Google Fi Data Breach Reportedly Led to SIM Swapping
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
Latest News
- Fraudulent “CryptoRom” Apps Slip Through Apple and Google App Store Review Process
- US Downs Chinese Balloon Off Carolina Coast
- Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op
- Feds Say Cyberattack Caused Suicide Helpline’s Outage
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
