Source |
enigma0x3 |
Identifiant |
8300150 |
Date de publication |
2019-03-20 23:50:49 (vue: 2023-01-11 16:55:53) |
Titre |
Avira VPN (2.15.2.28160) Elevation of Privilege through Insecure Update location |
Texte |
Product Version: Avira Phantom VPN Downloaded from: https://package.avira.com/package/oeavira/win/int/avira_en_vpn__ws.exe Operating System tested on: Windows 10 1709 (x64) Vulnerability: Avira VPN Elevation of Privilege Brief Description: The Avira Phantom VPN Service performs a handful of checks when it checks for an update (this happens when the service starts, so on boot or via manual start/stopping). When updating, […] |
Envoyé |
Oui |
Condensat |
1709 28160 avira boot brief checks com/package/oeavira/win/int/avira description: downloaded elevation exe for from: handful happens https://package insecure location manual on: operating performs phantom privilege product service start/stopping starts system tested the this through update updating version: via vpn vulnerability: when windows x64 |
Tags |
|
Stories |
|
Notes |
★★★★
|
Move |
|