← back
CVE-2021-31776

CVE-2021-31776

EPSS 0.3%
Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://docs.aviatrix.com/Downloads/samlclient.htmlhttps://docs.aviatrix.com/Downloads/samlclient.html#windows-winhttps://docs.aviatrix.com/HowTos/changelog.html#aviatrix-vpn-client-changelog