CVE-2020-15075

7.1HIGH

Key Information:

Vendor: Openvpn
Status: Openvpn Connect
Vendor: CVE Published:; 30 March 2021

Summary

OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in /tmp.

Affected Version(s)

OpenVPN Connect 3.2.6 and prior versions

References

https://openvpn.net/vpn-server-resources/openvpn-connect-...

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 30, 2021
Vulnerability Reserved
Jun 25, 2020

.