Infotecs : Security Vulnerabilities, CVEs, CVSS score >= 2
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks.
Max CVSS
7.3
EPSS Score
0.04%
Published
2017-06-15
Updated
2019-10-03
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file.
Max CVSS
7.2
EPSS Score
0.04%
Published
2013-05-22
Updated
2013-05-22
2 vulnerabilities found