ProtonVPN for Windows

Privilege Escalation


ProtonVPN AG



Product Version


Vulnerability Details

ProtonVPN for Windows suffers from a SYSTEM privilege escalation vulnerability through the ProtonVPN Service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The Connect method accepts a class instance argument that provides attacker control of the OpenVpncommand line. An attacker can specify a dynamic library plugin that should run for every new VPN connection. This plugin will execute code in the context of the SYSTEM user.

Vendor Response

Vendor development team will release update

Disclosure Timeline

  • Vendor disclosure via email

  • Vendor notified via Facebook

  • Vendor response via email

  • VerSprite Security extends advisory release timeline

  • Vendor notified of the advisory release