McAfee Tunnelbear

Do you want an email whenever new security vulnerabilities are reported in McAfee Tunnelbear?

By the Year

In 2024 there have been 0 vulnerabilities in McAfee Tunnelbear . Tunnelbear did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 9.80

It may take a day or so for new Tunnelbear vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent McAfee Tunnelbear Security Vulnerabilities

TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service

CVE-2018-10381 9.8 - Critical - April 26, 2018

TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "OpenVPNConnect" method accepts a server list argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user.

Incorrect Permission Assignment for Critical Resource

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for McAfee Tunnelbear or by McAfee? Click the Watch button to subscribe.

 

McAfee
Vendor

 
subscribe