CVE-2022-46782
First published: Sat Aug 05 2023(Updated: )
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stormshield SSL VPN Client | <3.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-46782.
What is the severity level of CVE-2022-46782?
CVE-2022-46782 has a severity level of high.
What is the affected software for CVE-2022-46782?
The affected software for CVE-2022-46782 is Stormshield SSL VPN Client before version 3.2.0.
How can an attacker exploit CVE-2022-46782?
An attacker can exploit CVE-2022-46782 by using the OpenVPN instance to execute malicious code as an administrator on the local machine.
Is there a fix available for CVE-2022-46782?
Yes, a fix is available for CVE-2022-46782. Update the Stormshield SSL VPN Client to version 3.2.0 or later.
- collector/nvd-latest
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- vendor/stormshield
- canonical/stormshield ssl vpn client