Description
The Windows client VPN service has a security vulnerability in the handling of one of the commands that arrives from the UI process via IPC.
A malicious SendManageCertificate command can be sent to the service's named pipe, "cato-VPN," carrying a request to install a certificate file as a root CA. This can be done by a low-privileged endpoint user.
Severity
The CVSSv3.1 score is 5.6 (Medium).
What Changes Do I Need to Make?
Use the SDP User Dashboard to identify users with Windows Client versions below 5.10.34. Make sure they upgrade to the newest Windows Client version and receive the most recent security patches and enhancements.
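An added PowerShell example (not Cato's own tooling) for endpoints you cannot upgrade immediately: it flags a client version below the fixed release and compares the machine root store against a thumbprint baseline, since the store records no install time and an unexpected root CA is the outcome the advisory describes. The baseline path and the sample version string are assumptions.

```powershell
# Added example, not Cato's code. Assumes a baseline of trusted root
# thumbprints captured on a known-good machine at the path below.

$FixedVersion = [version]'5.10.34'                  # first fixed Windows Client version (from the advisory)
$BaselinePath = 'C:\baseline\root-thumbprints.txt'  # assumed location of your baseline

function Test-ClientNeedsUpgrade {
    # Returns $true when the installed client is older than the fixed version.
    param([Parameter(Mandatory)][string]$InstalledVersion)
    return ([version]$InstalledVersion) -lt $FixedVersion
}

function Export-RootBaseline {
    # Run once on a known-good endpoint to record the expected root CA thumbprints.
    param([string]$Path = $BaselinePath)
    Get-ChildItem -Path Cert:\LocalMachine\Root |
        Select-Object -ExpandProperty Thumbprint |
        Sort-Object -Unique |
        Set-Content -Path $Path
}

function Find-UnexpectedRootCAs {
    # Lists root CAs present on this machine but absent from the baseline.
    param([string]$Path = $BaselinePath)
    $known = @{}
    Get-Content -Path $Path | ForEach-Object { $known[$_.Trim()] = $true }
    Get-ChildItem -Path Cert:\LocalMachine\Root |
        Where-Object { -not $known.ContainsKey($_.Thumbprint) } |
        Select-Object Thumbprint, Subject, Issuer, NotBefore, NotAfter
}

# Example run; the version string is a constructed value, read the real one from your inventory.
if (Test-ClientNeedsUpgrade -InstalledVersion '5.10.20') {
    Write-Warning "Windows Client is below $FixedVersion; upgrade and review the root store."
}
Find-UnexpectedRootCAs | Format-Table -AutoSize
```

Run Export-RootBaseline on a clean reference machine first; any entry Find-UnexpectedRootCAs reports on other endpoints should be verified against your PKI change records.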
Acknowledgments
Cato Networks thanks AmberWolf for detecting and identifying the issue. Full technical details can be found in their blog post:
What is the Impact on the Account?
If you don’t upgrade to Windows Client v5.10.34 or higher, devices with lower versions will be vulnerable. To the best of our knowledge, none of these issues has been exploited in the wild.
Who Do I Talk to If I Have Questions?
Please contact Support.