Privilege Escalation via OpenVPN Event Script Execution in Tunnelblick

Privilege Escalation via OpenVPN Event Script Execution in Tunnelblick

CVE-2012-3486 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Tunnelblick 3.3beta20 and earlier allows local users to gain privileges via an OpenVPN configuration file that specifies execution of a script upon occurrence of an OpenVPN event.

Learn more about our User Device Pen Test.