Aviatrix Patches Critical VPN Client Vulnerabilities Allowing Privilege Escalation


Aviatrix has released patches to address two critical vulnerabilities in its enterprise VPN client, which would allow local attackers to execute arbitrary code with elevated privileges.

Aviatrix, one of the major cloud networking solutions providers, recently patched two severe vulnerabilities in its enterprise VPN client. These vulnerabilities, tracked as CVE-2019-17388 and CVE-2019-17387, can be used by a local attacker to escalate privileges and execute arbitrary code with elevated rights.

The first vulnerability, CVE-2019-17388, is due to weak file permissions in the VPN client. This weakness could allow a malicious actor to modify files used by the client and thereby gain unauthorized access to privileged functionality. The second flaw, CVE-2019-17387, relates to how the client's service component executes code, which could be abused to run arbitrary code under elevated privileges. Both vulnerabilities are present across all operating systems supported by Aviatrix.
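The file-permission weakness behind CVE-2019-17388 is the kind of defect an administrator can check for directly: any file or directory in a privileged client's install tree that a non-privileged user can write to is a local privilege-escalation risk. The following audit script is an added example, not Aviatrix's own code; it assumes a POSIX host, and the install tree it builds (`bin/vpnclient`, `client.conf`, `plugins`) is constructed for illustration, since the page does not name the client's actual paths.

```python
"""Audit a privileged client's install tree for weak file permissions.
Added example, not Aviatrix's own code; assumes a POSIX host and uses a
constructed sample tree. In practice, point find_weak_permissions() at the
directory where the VPN client's binaries, plugins and config are installed.
"""
import os
import stat
import tempfile

WEAK_WRITE_BITS = stat.S_IWGRP | stat.S_IWOTH  # group- or world-writable

def find_weak_permissions(root, privileged_uid=0):
    """Return sorted (relative_path, reason) pairs for risky entries under root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in filenames]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # judge the link target where it is walked, not the link
            rel = os.path.relpath(path, root)
            if st.st_mode & WEAK_WRITE_BITS:
                findings.append((rel, "group/world writable"))
            if st.st_uid != privileged_uid:
                findings.append((rel, "owned by uid %d, expected %d" % (st.st_uid, privileged_uid)))
    return sorted(findings)

def build_sample_tree():
    """Create a constructed install tree with correct entries and two weak ones."""
    root = tempfile.mkdtemp(prefix="vpnclient-audit-")
    os.mkdir(os.path.join(root, "bin"))
    os.mkdir(os.path.join(root, "plugins"))
    for rel, mode in (("bin", 0o755),            # correct: only owner writes
                      ("bin/vpnclient", 0o755),  # correct: only owner writes
                      ("client.conf", 0o666),    # weak: anyone can edit the config
                      ("plugins", 0o775)):       # weak: group can drop in a plugin
        path = os.path.join(root, rel)
        if not os.path.isdir(path):
            open(path, "w").close()
        os.chmod(path, mode)
    return root

def audit_sample_tree():
    """Run the audit on the sample tree, treating the current user as the service owner."""
    return find_weak_permissions(build_sample_tree(), privileged_uid=os.getuid())

if __name__ == "__main__":
    for rel, reason in audit_sample_tree():
        print("WEAK: %s (%s)" % (rel, reason))
```

On a real deployment, run it as root against the client's install directory with the default `privileged_uid=0`, so that both write bits and non-root ownership are reported.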

These vulnerabilities were discovered and immediately reported to Aviatrix in early October. The company reacted quickly, issuing a patched version, 2.4.10, less than a month after the report. Users are advised to update their VPN clients immediately to minimize the risk from these vulnerabilities.

While exploiting these flaws requires existing local access to the targeted machine, the potential for privilege escalation poses a significant security concern. Such vulnerabilities could be leveraged by attackers to reach sensitive data and critical services beyond their authorized scope. Given the increasing trend of threat actors targeting enterprise VPNs, it is imperative for organizations to maintain up-to-date security measures and promptly apply patches for known vulnerabilities.

Aviatrix has stated that these issues do not affect the VPN Gateway or machines running other OpenVPN-compatible clients. Nonetheless, the company stresses that the client software must be updated on every user device to remain secure.

With these developments in mind, cybersecurity experts are advising organizations to review their VPN client deployments and ensure that all instances are upgraded to the latest version. Regular software updates and prompt remediation of security advisories are essential steps for protecting enterprise environments from potential cyber threats.