SB2019092601 - Privilege escalation in Forcepoint VPN Client for Windows
Published: September 26, 2019
Security Bulletin ID
SB2019092601
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Unquoted Search Path or Element (CVE-ID: CVE-2019-6145)
The vulnerability allows a local user to escalate privilege on the system.
The vulnerability exists due to software tries to execute programs in the following locations, when the VPN client is started:
- "C:\Program.exe"
- "C:\Program Files (x86)\Forcepoint\VPN.exe"
A local user with ability to place malicious binaries into these directories can execute arbitrary code on the system with SYSTEM privileges.
Remediation
Install update from vendor's website.