Thursday, July 1, 2021

Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation

Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30

Release Date: 29-Jun-2021
Author: Florian Bogner @
Affected product: Securepoint SSL VPN Client
Fixed in: version 2.0.32
Tested on: Windows 10 x64 fully patched
CVE: CVE-2021-35523
Vulnerability Status: Fixed with new release

Vulnerability Description (copied from the CVE Details)
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.

A full vulnerability description is available here:

Suggested Solution
End-users should update to the latest available version.

Disclosure Timeline
14.04.2021: The vulnerability was discovered and reported to [email protected]
15.04.2021: The report was triaged
26.04.2021: Securepoint SSL VPN Client Version 2.0.32 was released, which contains an initial fix for the vulnerability
23.06.2021: Securepoint SSL VPN Client Version 2.0.34 was released, which contains additional security measures.
28.06.2021: CVE-2021-35523 was assigned:
29.06.2021: Responsible disclosure in cooperation with Securepoint:


Florian Bogner
Information Security Expert, Speaker

Bee IT Security Consulting GmbH
Nibelungenstra├če 37
3123 A-Schweinern

Mail: [email protected]


Copyright © 2021 Vulnerability Database | Cyber Details™

thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore