PT-2018-10598 · Openvpn+1
Blablabla
Published: 2018-05-25 · Updated: 2023-12-22
CVE-2018-11479
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Windscribe version 1.81
Description
The issue concerns the VPN component in Windscribe, which uses the OpenVPN client and creates a system process named WindScribeService.exe. This process establishes a named pipe endpoint, \\.\pipe\WindscribeService, that the Windscribe VPN process connects to in order to execute other processes. However, the program name is not validated before the lpCommandLine argument for a CreateProcess call is constructed, so an attacker can run malicious processes with SYSTEM privileges through this named pipe.
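The missing check described above, sketched as an added example (not Windscribe's code and not taken from this advisory): a privileged service accepts only an allowlisted base name from the pipe client and builds the quoted command line itself from a fixed directory. The allowlist entries, the install directory and the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical allowlist of helper programs the service may start. */
static const char *const ALLOWED[] = { "openvpn.exe", "example-helper.exe" };
/* Hypothetical fixed install directory; never taken from the pipe client. */
static const char *const INSTALL_DIR = "C:\\Program Files\\ExampleVPN";

/* Case-insensitive ASCII compare (Windows file names ignore case). */
static int ieq(const char *a, const char *b) {
    for (; *a && *b; a++, b++) {
        char x = *a, y = *b;
        if (x >= 'A' && x <= 'Z') x += 32;
        if (y >= 'A' && y <= 'Z') y += 32;
        if (x != y) return 0;
    }
    return *a == *b;
}

/* Returns 1 only if name is exactly one of the allowlisted base names. */
int program_allowed(const char *name) {
    if (name == NULL || *name == '\0') return 0;
    /* Early reject: path separators, quotes, whitespace, shell metacharacters. */
    if (strpbrk(name, "\\/:\" \t&|<>^%") != NULL) return 0;
    for (size_t i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++)
        if (ieq(name, ALLOWED[i])) return 1;
    return 0;
}

/* Writes "<INSTALL_DIR>\<name>" in quotes to out.
   Returns 0 on success, -1 if the name is rejected or out is too small. */
int build_command_line(const char *name, char *out, size_t outlen) {
    if (!program_allowed(name)) return -1;
    int n = snprintf(out, outlen, "\"%s\\%s\"", INSTALL_DIR, name);
    if (n < 0 || (size_t)n >= outlen) {
        if (outlen) out[0] = '\0';   /* never hand back a truncated path */
        return -1;
    }
    return 0;
}

int main(void) {
    /* Constructed sample requests, as a pipe client might send them. */
    const char *reqs[] = { "openvpn.exe", "cmd.exe", "..\\..\\cmd.exe" };
    char cmd[260];
    for (size_t i = 0; i < 3; i++)
        printf("%-16s -> %s\n", reqs[i],
               build_command_line(reqs[i], cmd, sizeof cmd) == 0 ? cmd : "rejected");
    return 0;
}
```

The example covers the program name only; any arguments a client supplies would need their own validation before being appended.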
Recommendations
For Windscribe version 1.81, as a temporary workaround, consider disabling the WindScribeService.exe system process until a patch is available. Restrict access to the \\.\pipe\WindscribeService named pipe endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
RCE
Affected Products
Openvpn
Windscribe