PT-2023-6276 · Clario · Clario Vpn Client
Christina Pöpper and 4 others
Published 2023-08-09 · Updated 2023-10-31
CVE-2023-36671
| CVSS v3.1 | 6.3 (Medium) |
| Vector | AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Clario VPN client versions 5.9.1.1662 and earlier
Description
The issue stems from the Clario VPN client configuring the operating system insecurely, so that all IP traffic destined for the VPN server's IP address is sent in plaintext outside the VPN tunnel. An adversary can exploit this by tricking the victim into sending plaintext traffic to the VPN server's IP address, thereby deanonymizing the victim. The vulnerability is also referred to as the "ServerIP attack", because it concerns traffic to the real IP address of the VPN server.
Recommendations
For Clario VPN client versions 5.9.1.1662 and earlier, consider disabling the VPN client until a patch is available to prevent exploitation of the vulnerability. Restrict access to the VPN server's IP address to minimize the risk of deanonymization. Avoid sending sensitive traffic to the VPN server's IP address until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
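The weakness described above is a routing exception: the client must route packets for the VPN server's real address out of the physical interface so the encrypted tunnel itself can be carried, but without an accompanying firewall rule every other flow to that address leaves in plaintext as well. The following check is an added example written for this page, not code from Clario or from the advisory's authors. It parses a constructed Linux `ip route show` dump and `iptables -S OUTPUT` rule set, confirms that the server address does egress via the physical interface, and then asks whether a non-VPN probe flow (TCP/80) to that address would be accepted. The server address 203.0.113.10, the OpenVPN-style UDP/1194 port and the interface names are constructed placeholders, not values from the page.

```python
import ipaddress
import shlex

# Constructed sample routing table (ip route show format). 10.8.0.0/24 is the
# tunnel network; 203.0.113.10 is a placeholder VPN server address.
SAMPLE_ROUTES = """\
default via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20
203.0.113.10 via 192.168.1.1 dev eth0
"""

# Constructed OUTPUT-chain rule sets (iptables -S format).
# Weak: nothing restricts what may leave for the server address.
WEAK_RULES = """\
-P OUTPUT ACCEPT
"""

# Hardened: only the VPN protocol itself may reach the server address in the clear.
HARDENED_RULES = """\
-P OUTPUT ACCEPT
-A OUTPUT -d 203.0.113.10/32 -p udp -m udp --dport 1194 -j ACCEPT
-A OUTPUT -d 203.0.113.10/32 -j DROP
"""


def parse_routes(text):
    """Return (network, device) pairs; 'default' and bare host entries are normalised."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        net = ipaddress.ip_network(dest, strict=False)
        dev = fields[fields.index("dev") + 1] if "dev" in fields else None
        routes.append((net, dev))
    return routes


def egress_device(routes, ip):
    """Longest-prefix match: which interface carries packets for `ip`?"""
    addr = ipaddress.ip_address(ip)
    best = None
    for net, dev in routes:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None


def parse_rules(text):
    """Return (chain policy, rules) from iptables -S output for one chain."""
    policy, rules = "ACCEPT", []
    for line in text.splitlines():
        tokens = shlex.split(line)
        if not tokens:
            continue
        if tokens[0] == "-P":
            policy = tokens[2]
            continue
        if tokens[0] != "-A":
            continue
        rule = {"dst": None, "proto": None, "dport": None, "target": None}
        for i, tok in enumerate(tokens):
            if tok == "-d":
                rule["dst"] = ipaddress.ip_network(tokens[i + 1], strict=False)
            elif tok == "-p":
                rule["proto"] = tokens[i + 1]
            elif tok == "--dport":
                rule["dport"] = int(tokens[i + 1])
            elif tok == "-j":
                rule["target"] = tokens[i + 1]
        rules.append(rule)
    return policy, rules


def first_match_target(rules, policy, dst, proto, port):
    """Simulate first-match evaluation of a single outbound flow."""
    for r in rules:
        if r["dst"] is not None and dst not in r["dst"]:
            continue
        if r["proto"] is not None and r["proto"] != proto:
            continue
        if r["dport"] is not None and r["dport"] != port:
            continue
        return r["target"]
    return policy


def server_ip_exposed(route_text, rule_text, server_ip,
                      vpn_proto="udp", vpn_port=1194, tunnel_dev="tun0"):
    """True if a plaintext (non-VPN) flow to the server address would leave
    the host outside the tunnel unblocked, i.e. the ServerIP exposure."""
    dev = egress_device(parse_routes(route_text), server_ip)
    if dev == tunnel_dev:
        return False  # server traffic stays inside the tunnel; not the case described
    policy, rules = parse_rules(rule_text)
    addr = ipaddress.ip_address(server_ip)
    # The tunnel's own protocol must still be allowed, otherwise the VPN cannot work.
    vpn_ok = first_match_target(rules, policy, addr, vpn_proto, vpn_port) == "ACCEPT"
    # Probe with an unrelated plaintext-style flow (TCP/80) to the same address.
    probe = first_match_target(rules, policy, addr, "tcp", 80)
    return vpn_ok and probe == "ACCEPT"


if __name__ == "__main__":
    for name, rules in (("weak", WEAK_RULES), ("hardened", HARDENED_RULES)):
        print(name, "exposed:", server_ip_exposed(SAMPLE_ROUTES, rules, "203.0.113.10"))
```

The hardened rule set mirrors the recommendation to restrict access to the VPN server's IP address: the host route for the server stays (it has to), but only the VPN protocol may use it, so an induced plaintext connection to that address is dropped rather than revealing the client's real source address.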
Exploit
Weakness Enumeration
Cleartext Transmission of Sensitive Information
Related Identifiers
CVE-2023-36671
Affected Products
Clario Vpn Client