McAfee Tunnelbear
By the Year
In 2023 there have been 0 vulnerabilities in McAfee Tunnelbear . Tunnelbear did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 1 | 9.80 |
It may take a day or so for new Tunnelbear vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent McAfee Tunnelbear Security Vulnerabilities
TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service
CVE-2018-10381
9.8 - Critical
- April 26, 2018
TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "OpenVPNConnect" method accepts a server list argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user.
Incorrect Permission Assignment for Critical Resource
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for McAfee Tunnelbear or by McAfee? Click the Watch button to subscribe.
