Moderate
CVE-2019-17387
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2019-17387
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.
Add Assessment
Ratings
-
Attacker ValueMedium
-
ExploitabilityVery High
Technical Analysis
VPN clients are commonly found on laptops for remote office workers, This is a local priv esc on all Aviatrix VPN Clients. As it is local it would need either a malicious user or an attacker with User level access looking to escalate.
When the VPN client starts it creates a locally running Web service. This service is capable of running commands in the context of the service, which runs as Root / Admin level permissions.
The service uses a set of certificates to authenticate the web service, however these certificates are included in a compiled python executable, it is it trivial to recover these certificated and therefore execute commands to gain elevated privileges.
https://immersivelabs.com/2019/12/04/aviatrix-vpn-client-vulnerability/
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportCVSS V3 Severity and Metrics
General Information
Vendors
- aviatrix
Products
- vpn client
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
