Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

Vulnerabilities in PureVPN Client Leak User Credentials

The PureVPN client for Windows is impacted by two vulnerabilities that result in user credential leak, a Trustwave security researcher has discovered.

The PureVPN client for Windows is impacted by two vulnerabilities that result in user credential leak, a Trustwave security researcher has discovered.

The bugs, Trustwave’s Manuel Nader says, may allow a local attacker to retrieve the stored password of the last user who successfully logged in to the PureVPN service. The attack is performed directly through the GUI (Graphical User Interface), without the need of another tool.

For the attack to work, the PureVPN client should have a default installation, the attacker should have access to any local user account, and a user should have successfully logged in to the PureVPN using the client on a Windows machine. 

When disclosing another user’s credentials in a multiuser environment, the Windows machine should have more than one user.

The security researcher discovered that, in version 5.18.2.0 of the PureVPN Windows client, the user password is revealed in the application’s configuration window.

To retrieve the password, the attacker simply needs to open the PureVPN client, access the configuration window, open the “User Profile” tab, and click on “Show Password.”

The researcher also discovered that the PureVPN client for Windows stores the login credentials (username and password) in plaintext in a login.conf file located at ‘C:ProgramDatapurevpnconfig. What’s more, all local users have permissions to read this file, the researcher discovered.

Advertisement. Scroll to continue reading.

The issues were disclosed to the vendor in mid-August 2017. A patch was released in June 2018. PureVPN users on Windows are advised to update to version 6.1.0 or later, as this iteration removes the plaintext password vulnerability.

“The vendor has accepted the risks of the password being revealed in the client’s configuration window,” Nader says.

RelatedCloudflare Launches Remote Access to Replace Corporate VPNs

RelatedFortinet’s FortiClient Product Exposed VPN Credentials

 

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...