HomeVS-LabsSecurity ResearchProtonVPN for Windows

ProtonVPN for Windows

ProtonVPN for Windows suffers from a SYSTEM privilege escalation vulnerability through the ProtonVPN Service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The Connect method accepts a class instance argument that provides attacker control of the OpenVpncommand line. An attacker can specify a dynamic library plugin that should run for every new VPN connection. This plugin will execute code in the context of the SYSTEM user.

A Look at RACI Models within Application Threat Modeling

Offensive Security

DevSecOps

GRC Services

Threat Intelligence

VS-Labs Security Research

Envisions Geopolitical Threat Report:

By Industry

Chrome Exploitation: How to easily launch a Chrome RCE+SBX exploit chain with one command

Security Resources

5 Steps to Implement an Application Threat Modeling Program

Who We Are

ProtonVPN for Windows

Date

Follow Us

You May Also Like

Printer Spooler Bug Research

Windows Kernel Drive Vulnerability Research: CVE-2020-17087

Cyber Attacks on Smart Cars Using SDR

ProtonVPN for Windows

Date

Follow Us

Share

You May Also Like

Printer Spooler Bug Research

Windows Kernel Drive Vulnerability Research: CVE-2020-17087

Cyber Attacks on Smart Cars Using SDR