CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47101
https://notcve.org/view.php?id=CVE-2023-47101
The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair. El instalador (también conocido como openvpn-client-installer) en Securepoint SSL VPN Client anterior a 2.0.40 permite la escalada de privilegios locales durante la instalación o reparación. • https://cyvisory.group/advisory/CYADV-2023-012 https://sourceforge.net/p/securepoint/news/2023/08/2040-is-now-available • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 3%CPEs: 1EXPL: 3CVE-2023-22897 – SecurePoint UTM 12.x Memory Leak
https://notcve.org/view.php?id=CVE-2023-22897
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used. SecurePoint UTM versions 12.x suffers from a memory leak vulnerability via the spcgi.cgi endpoint. • http://packetstormsecurity.com/files/171928/SecurePoint-UTM-12.x-Memory-Leak.html http://seclists.org/fulldisclosure/2023/Apr/8 https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2023-22897.txt https://rcesecurity.com • CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 3CVE-2023-22620 – SecurePoint UTM 12.x Session ID Leak
https://notcve.org/view.php?id=CVE-2023-22620
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface. SecurePoint UTM versions 12.x suffers from a session identifier leak vulnerability via the spcgi.cgi endpoint. • http://packetstormsecurity.com/files/171924/SecurePoint-UTM-12.x-Session-ID-Leak.html http://seclists.org/fulldisclosure/2023/Apr/7 https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2023-22620.txt https://rcesecurity.com • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-35523 – Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2021-35523
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user. Securepoint SSL VPN Client versiones v2 anteriores a 2.0.32, en Windows, presenta un manejo de configuración no seguro que permite una escalada de privilegios local a NT AUTHORITY\SYSTEM. Un usuario local no privilegiado puede modificar la configuración de OpenVPN almacenado en "%APPDATA%\Securepoint SSL VPN" y añadir un archivo de script externo que es ejecutado como usuario privilegiado Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability. • http://packetstormsecurity.com/files/163320/Securepoint-SSL-VPN-Client-2.0.30-Local-Privilege-Escalation.html http://seclists.org/fulldisclosure/2021/Jun/59 https://bogner.sh/2021/04/local-privilege-escalation-in-securepoint-ssl-vpn-client-2-0-30 https://github.com/Securepoint/openvpn-client/security/advisories/GHSA-v8p8-4w8f-qh34 • CWE-269: Improper Privilege Management •