PureVPN for Windows suffers from a SYSTEM privilege escalation vulnerability in its sevpnclient service. When configured to use the OpenVPN protocol, the sevpnclient service executes openvpn.exe using the OpenVPN config file located at C:\ProgramData\purevpn\config\config.ovpn.