OpenVPN was discovered to be impacted by four security vulnerabilities, at least three of which could be chained together to facilitate local privilege escalation and remote code execution attacks, SecurityWeek reports.
Such flaws, tracked as CVE-2024-27459, CVE-2024-24974, and CVE-2024-27903, involved OpenVPN's openvpnserv component, while another flaw relating to the Windows TAP driver, tracked as CVE-2024-1305, could be leveraged to enable denial-of-service conditions, according to a Microsoft Threat Intelligence team analysis presented at this year's Black Hat USA conference. While user authentication and extensive knowledge of OpenVPN are needed to exploit the bugs, attackers could deploy sophisticated attack chains upon obtaining OpenVPN credentials and leverage the Bring Your Own Vulnerable Driver technique and other methods for further compromise, said Microsoft researchers. "Through these techniques, the attacker can, for instance, disable Protect Process Light (PPL) for a critical process such as Microsoft Defender or bypass and meddle with other critical processes in the system. These actions enable attackers to bypass security products and manipulate the system’s core functions, further entrenching their control and avoiding detection," Microsoft added.
