AVPNC_RP Service Authentication Flaw Allows Arbitrary Code Execution and Privilege Escalation

AVPNC_RP Service Authentication Flaw Allows Arbitrary Code Execution and Privilege Escalation

CVE-2019-17387 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client through 2.2.10 allows an attacker to gain elevated privileges through arbitrary code execution on Windows, Linux, and macOS.

Learn more about our Cis Benchmark Audit For Apple Macos.