CVE-2024-25728

EPSS 0.2%
Veröffentlicht 11.02.2024 22:15:08
Zuletzt bearbeitet 21.11.2024 09:01:17
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration (e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers), which may allow remote attackers to obtain sensitive information about websites visited by VPN users.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Expressvpn ≫ Expressvpn SwPlatformwindows Version >= 12.23.1 < 12.73.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.417

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-922 Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

https://www.bleepingcomputer.com/news/security/expressvpn-bug-has-been-leaking-some-dns-requests-for-years/

Third Party Advisory

https://www.expressvpn.com/blog/windows-app-dns-requests/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-25728

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-25728

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-25728

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-25728