Vulnerabilities > Openvpn > Connect > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-08 CVE-2023-7224 Code Injection vulnerability in Openvpn Connect
OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external third party libraries using the DYLD_INSERT_LIBRARIES environment variable
local
low complexity
openvpn CWE-94
7.8
2020-02-28 CVE-2020-9442 Improper Preservation of Permissions vulnerability in Openvpn Connect 3.1.0.361
OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.
local
low complexity
openvpn CWE-281
7.2