Mullvad · Mullvad Vpn Windows App · CVE-2023-50446
**Name of the Vulnerable Software and Affected Versions**
Mullvad VPN Windows app versions prior to 2023.6-beta1
**Description**
An issue was discovered in the Mullvad VPN Windows app, where insufficient permissions on a directory allow any local unprivileged user to escalate privileges to SYSTEM.
**Recommendations**
For versions prior to 2023.6-beta1, update to version 2023.6-beta1 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable directory to minimize the risk of exploitation.