CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2024-45750
https://notcve.org/view.php?id=CVE-2024-45750
25 Sep 2024 — An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel. • https://thegreenbow.com • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-47267
https://notcve.org/view.php?id=CVE-2023-47267
19 Dec 2023 — An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file. Un problema descubierto en TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87 y Windows Enterprise VPN Client 6.87 permite a los atacantes obtener privilegios aumentados mediante cambios elaborados en el archivo asignado en memor... • https://www.thegreenbow.com/en/support/security-alerts/#deeplink-16093 • CWE-269: Improper Privilege Management •