杭州江阴科强工业胶带有限公司

{"id":166912,"date":"2024-08-12T07:01:20","date_gmt":"2024-08-12T07:01:20","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=166912"},"modified":"2024-08-12T07:01:23","modified_gmt":"2024-08-12T07:01:23","slug":"openvpn-rce-lpe","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/166912\/hacking\/openvpn-rce-lpe.html","title":{"rendered":"Microsoft found OpenVPN bugs that can be chained to achieve RCE and LPE"},"content":{"rendered":"

<\/div>\n

Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation.<\/h2>\n\n\n\n
During the Black Hat USA 2024<\/a> conference, Microsoft researchers disclosed multiple medium-severity bugs in the open-source project OpenVPN that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE).<\/p>\n\n\n\n
OpenVPN is an open-source software that provides a secure and flexible way to establish a Virtual Private Network (VPN) connection.<\/gwmw><\/gwmw><\/p>\n\n\n\n
Attackers can exploit the flaws to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information. <\/p>\n\n\n\n
“This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information,” reads the post<\/a> published by Microsoft. “Exploiting these vulnerabilities, however, necessitates user authentication and a deep understanding of OpenVPN\u2019s inner workings, alongside intermediate knowledge of the operating systems.”<\/em><\/p>\n\n\n\n
The exploitation of these flaws requires user authentication and an deep understanding of OpenVPN’s inner workings. The vulnerabilities impact all versions of OpenVPN prior to version 2.6.10 and 2.5.10.<\/p>\n\n\n\n
Below is a list the discovered vulnerabilities:<\/p>\n\n\n\n
CVE ID<\/strong><\/gwmw><\/td> OpenVPN component<\/strong><\/td> Impact<\/strong><\/td> Affected platform<\/strong><\/td><\/tr>
CVE-2024-27459<\/a><\/td> openvpnserv <\/td> Denial of service (DoS), local privilege escalation (LPE)<\/td> Windows<\/td><\/tr>
CVE-2024-24974<\/a><\/td> openvpnserv <\/td> Unauthorized access <\/td> Windows<\/td><\/tr>
CVE-2024-27903<\/a><\/td> openvpnserv<\/td> Remote code execution (RCE)<\/td> Windows<\/td><\/tr>
Local privilege escalation (LPE), data manipulation<\/td> Android, iOS, macOS, BSD<\/td><\/tr>
CVE-2024-1305<\/a><\/td> Windows TAP driver <\/td> Denial of service (DoS) <\/td> Windows<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
<\/gwmw>An attack can exploit these vulnerabilities after obtaining a user’s credentials through differed methods, such as purchasing them on the dark web<\/a>, using an info stealer, or capturing NTLMv2 hashes from network traffic and cracking them with tools like HashCat or John the Ripper. <\/p>\n\n\n\n
“As our research demonstrated, an attacker could leverage at least three of the four discovered vulnerabilities to create exploits to achieve RCE and LPE, which could then be chained together to create a powerful attack chain.” concludes the post. “Through these techniques, the attacker can, for instance, disable Protect Process Light (PPL) for a critical process such as Microsoft Defender or bypass and meddle with other critical processes in the system. These actions enable attackers to bypass security products and manipulate the system\u2019s core functions, further entrenching their control and avoiding detection.”<\/em><\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, RCE)<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"
Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation. During the Black Hat USA 2024 conference, Microsoft researchers disclosed multiple medium-severity bugs in the open-source project OpenVPN that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE). OpenVPN is an […]<\/p>\n","protected":false},"author":1,"featured_media":166919,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,5,55],"tags":[4112,9508,9506,10918,2368,687,841,1533],"class_list":["post-166912","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-hacking","category-security","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-openvpn","tag-pierluigi-paganini","tag-security-affairs","tag-security-news"],"yoast_head":"\n杭州江阴科强工业胶带有限公司

CVE ID<\/strong><\/gwmw><\/td>	OpenVPN component<\/strong><\/td>	Impact<\/strong><\/td>	Affected platform<\/strong><\/td><\/tr>
CVE-2024-27459<\/a><\/td>	openvpnserv <\/td>	Denial of service (DoS), local privilege escalation (LPE)<\/td>	Windows<\/td><\/tr>
CVE-2024-24974<\/a><\/td>	openvpnserv <\/td>	Unauthorized access <\/td>	Windows<\/td><\/tr>
CVE-2024-27903<\/a><\/td>	openvpnserv<\/td>	Remote code execution (RCE)<\/td>	Windows<\/td><\/tr>
Local privilege escalation (LPE), data manipulation<\/td>	Android, iOS, macOS, BSD<\/td><\/tr>
CVE-2024-1305<\/a><\/td>	Windows TAP driver <\/td>	Denial of service (DoS) <\/td>	Windows<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n <\/gwmw>An attack can exploit these vulnerabilities after obtaining a user’s credentials through differed methods, such as purchasing them on the dark web<\/a>, using an info stealer, or capturing NTLMv2 hashes from network traffic and cracking them with tools like HashCat or John the Ripper. <\/p>\n\n\n\n “As our research demonstrated, an attacker could leverage at least three of the four discovered vulnerabilities to create exploits to achieve RCE and LPE, which could then be chained together to create a powerful attack chain.” concludes the post. “Through these techniques, the attacker can, for instance, disable Protect Process Light (PPL) for a critical process such as Microsoft Defender or bypass and meddle with other critical processes in the system. These actions enable attackers to bypass security products and manipulate the system\u2019s core functions, further entrenching their control and avoiding detection.”<\/em><\/p>\n\n\n\n Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n (<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, RCE)<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":" Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation. During the Black Hat USA 2024 conference, Microsoft researchers disclosed multiple medium-severity bugs in the open-source project OpenVPN that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE). OpenVPN is an […]<\/p>\n","protected":false},"author":1,"featured_media":166919,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3323,5,55],"tags":[4112,9508,9506,10918,2368,687,841,1533],"class_list":["post-166912","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-breaking-news","category-hacking","category-security","tag-hacking","tag-hacking-news","tag-information-security-news","tag-it-information-security","tag-openvpn","tag-pierluigi-paganini","tag-security-affairs","tag-security-news"],"yoast_head":"\n杭州江阴科强工业胶带有限公司