PT-2021-10797 · Unknown · Windscribe

Published

2021-05-10

Updated

2021-05-20

CVE-2020-22809

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Windscribe version 1.83 Build 20

Description The issue is related to an Unquoted Service Path in the 'WindscribeService' of Windscribe, which can facilitate privilege escalation.

Recommendations For Windscribe version 1.83 Build 20, consider updating to a newer version that quotes the service path to prevent privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-428

Related Identifiers

CVE-2020-22809

Affected Products

Windscribe

PT-2021-10797 · Unknown · Windscribe

CVE-2020-22809

Weakness Enumeration

Related Identifiers

Affected Products

References · 3