GlobalProtect-Openconnect Vulnerability: Arbitrary VPN Connection and Traffic Redirection

GlobalProtect-Openconnect Vulnerability: Arbitrary VPN Connection and Traffic Redirection

CVE-2021-45810 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

GlobalProtect-openconnect versions prior to 2.0.0 (exclusive) are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a VPN connection to arbitrary servers. By hosting an openconnect compatible server, the attack can redirect the entire host's traffic via their own server.

Learn more about our Cis Benchmark Audit For Server Software.