CVE-2020-15075
First published: Tue Mar 30 2021(Updated: )
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in /tmp.
Credit: security@openvpn.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openvpn Connect | <=3.2.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-15075?
CVE-2020-15075 is a vulnerability found in the OpenVPN Connect installer for macOS version 3.2.6 and older.
How can the OpenVPN Connect installer for macOS version 3.2.6 and older be exploited?
The vulnerability in the OpenVPN Connect installer for macOS version 3.2.6 and older allows the installer to corrupt system critical files it should not have access to via symlinks in /tmp.
What is the severity of CVE-2020-15075?
The severity of CVE-2020-15075 is rated as high with a CVSS score of 7.1.
How can I fix CVE-2020-15075?
To mitigate CVE-2020-15075, users should update to a version of OpenVPN Connect for macOS that is newer than 3.2.6.
Where can I find more information about CVE-2020-15075?
More information about CVE-2020-15075 can be found at the OpenVPN website: https://openvpn.net/vpn-server-resources/openvpn-connect-for-macos-change-log/
- collector/nvd-index
- agent/author
- agent/weakness
- agent/type
- agent/references
- agent/severity
- agent/description
- agent/tags
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/openvpn
- canonical/openvpn connect
- version/openvpn connect/3.2.6