FortiClient Vulnerability

TunnelBear CVE-2018-10381 Permission Bypass Vulnerability

Description

TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the \"TunnelBearMaintenance\" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The \"OpenVPNConnect\" method accepts a server list argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user.

Affected Applications

TunnelBear

CVE References

CVE-2018-10381

Other References

https://nvd.nist.gov/vuln/detail/CVE-2018-10381

ID	2330
Created	Aug 19, 2021
Description Updated	Oct 26, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	TunnelBear
Patch	manual
Application	TunnelBear

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

TunnelBear CVE-2018-10381 Permission Bypass Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

TunnelBear CVE-2018-10381 Permission Bypass Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center