← back
CVE-2022-24141

CVE-2022-24141

EPSS 0.6%
The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastate_iTopVPN_Pipe_Server on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient().
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://iobit.comhttp://itop.comhttps://github.com/tomerpeled92/CVE/