#VU82574 Cleartext transmission of sensitive information in Clario VPN for macOS
Vulnerability identifier: #VU82574
Vulnerability risk: Medium
CVSSv3.1: 4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID:
CWE-ID:
CWE-319
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Clario VPN for macOS
Client/Desktop applications /
Other client software
Vendor: Clario Tech DMCC
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to the VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. A remote attacker can trick the victim into sending plaintext traffic to the VPN server's IP address and thereby deanonymize the victim.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
Clario VPN for macOS: 5.9.1.1662
External links
http://tunnelcrack.mathyvanhoef.com/details.html
http://clario.co/vpn-for-mac/
http://github.com/advisories/GHSA-43fw-xm94-j3mx
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
