CVE-2014-5455 in OpenVPN and Privatetunnel Products
Published on August 25, 2014

Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.<a href="http://cwe.mitre.org/data/definitions/428.html" target="_blank">CWE-428: Unquoted Search Path or Element</a>

Vendor Advisory NVD

Products Associated with CVE-2014-5455

stack.watch emails you whenever new vulnerabilities are published in OpenVPN or Privatetunnel. Just hit a watch button to start following.

OpenVPN

Privatetunnel

Exploit Probability

EPSS

0.52%

Percentile

66.58%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-5455 in OpenVPN and Privatetunnel ProductsPublished on August 25, 2014

Products Associated with CVE-2014-5455

Exploit Probability

CVE-2014-5455 in OpenVPN and Privatetunnel Products
Published on August 25, 2014