CVE-2024-4877
HIGHDescription
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| openvpn | openvpn |
| microsoft | windows |
References
Frequently Asked Questions
What is CVE-2024-4877? +
How severe is CVE-2024-4877? +
What products are affected by CVE-2024-4877? +
How do I check if I'm vulnerable to CVE-2024-4877? +
Related Vulnerabilities
An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform (GCP) using the OS Login …
A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During …
Privilege chaining issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated …
Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via …
Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into …
Privilege chaining issue exists in the installer of e-Tax software(common program). If this vulnerability is exploited, a malicious DLL prepared …