Home | Research | Resources | Advisories | CyberGhost 6 for Windows
Privilege Escalation
CVE ID
CVE-2018-10646
VENDOR
CyberGhost S.R.L.
PRODUCT
CyberGhost 6
Product version
6.5.0.3180
Vulnerability Details
CyberGhost 6 for Windows suffers from a SYSTEM
privilege escalation vulnerability through the CG6Service
service. This service establishes an NetNamedPipe
endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The ConnectToVpnServer
method accepts a connectionParams
argument that provides attacker control of the OpenVpn command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM
user
Learn More →
Vendor response
A release is scheduled
Disclosure timeline
04-17-2018 - Vendor disclosure via email 04-17-2018 - Vendor disclosure via email 04-17-2018 - Vendor notified via Facebook 04-17-2018 - Vendor response: Received 04-18-2018 - Vendor response and followup 04-20-2018 - Vendor response: Something that will be fixed with the next release 05-01-2018 - Vendor notified of the advisory release