CVE-2024-6141

Name of the Vulnerable Software and Affected Versions Windscribe (affected versions not specified)

Description The issue is related to a directory traversal vulnerability in the Windscribe Service, which can be exploited by local attackers to escalate privileges on affected installations of Windscribe. This can be achieved by leveraging the lack of proper validation of a user-supplied path prior to using it in file operations, allowing an attacker to execute arbitrary code in the context of SYSTEM. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.