An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ssl_vpn_client | Stormshield | * | 3.2.0 (excluding) |