Threat Encyclopedia

Critical SYSTEM Privilege Escalation Vulnerability for TunnelBear

description-logoDescription

TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the \"TunnelBearMaintenance\" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The \"OpenVPNConnect\" method accepts a server list argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user.

affected-products-logoAffected Products

TunnelBear

CVE References

CVE-2018-10381