Unquoted Search Path Vulnerability in Aviatrix VPN Client on Windows
CVE-2021-31776 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.
Learn more about our User Device Pen Test.