HomeAdvisoriesCyberGhost 6 for Windows

CyberGhost 6 for Windows

Privilege Escalation

Previous AdvisoryNext Advisory

CVE ID

CVE-2018-10646

Vendor

CyberGhost S.R.L.

Product

CyberGhost 6

Product Version

6.5.0.3180

Vulnerability Details

CyberGhost 6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the CG6Service service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The ConnectToVpnServer method accepts a connectionParams argument that provides attacker control of the OpenVpn command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user

Learn more

Vendor Response

A release is scheduled

Disclosure Timeline

17.04.2018
Vendor disclosure via email
17.04.2018
Vendor disclosure via email
17.04.2018
Vendor notified via Facebook
17.04.2018
Vendor response: Received
18.04.2018
Vendor response and followup
20.04.2018
Vendor response: Something that will be fixed with the next release
01.05.2018
Vendor notified of the advisory release

Previous AdvisoryNext Advisory

A Look at RACI Models within Application Threat Modeling

Offensive Security

DevSecOps

GRC Services

Threat Intelligence

VS-Labs Security Research

Envisions Geopolitical Threat Report:

By Industry

Chrome Exploitation: How to easily launch a Chrome RCE+SBX exploit chain with one command

Security Resources

Who We Are