CVE-2024-6141
- EPSS 0.12%
- Veröffentlicht 21.08.2024 17:15:09
- Zuletzt bearbeitet 23.08.2024 16:53:48
Windscribe Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged cod...
CVE-2022-41141
- EPSS 0.14%
- Veröffentlicht 26.01.2023 18:59:53
- Zuletzt bearbeitet 21.11.2024 07:22:41
This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specif...
CVE-2020-22809
- EPSS 0.07%
- Veröffentlicht 10.05.2021 13:15:09
- Zuletzt bearbeitet 21.11.2024 05:13:25
In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation.
CVE-2020-27518
- EPSS 0.04%
- Veröffentlicht 04.05.2021 14:15:08
- Zuletzt bearbeitet 21.11.2024 05:21:18
All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM.
CVE-2018-11479
- EPSS 28.65%
- Veröffentlicht 25.05.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:43:27
The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \\.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect ...
CVE-2018-11334
- EPSS 0.04%
- Veröffentlicht 23.05.2018 12:29:00
- Zuletzt bearbeitet 21.11.2024 03:43:09
Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain privileges or cause a denial of service via \\.\pipe\WindscribeService.