Arbitrary File Creation and Overwrite Vulnerability in SaferVPN for Windows

Arbitrary File Creation and Overwrite Vulnerability in SaferVPN for Windows

CVE-2020-25744 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

SaferVPN before 5.0.3.3 on Windows could allow low-privileged users to create or overwrite arbitrary files, which could cause a denial of service (DoS) condition, because a symlink from %LOCALAPPDATA%\SaferVPN\Log is followed.

Learn more about our User Device Pen Test.