Hot seat – Hotspot Shield VPN New Privilege Escalation Vulnerability


A high-risk vulnerability, rated 7.8 in CVSS v3.1, exists in the Hotspot Shield VPN client software for Windows, version 10.3.0 and earlier. It allows an authorised local user to potentially escalate privileges on the machine.

The impact:

The flaw lies in improper directory permissions on the client's log folder. A local user can corrupt system files by placing a specially crafted symbolic link to a critical system file in that folder; the application then overwrites the target file with its own privileges.

The remediation:

To mitigate this vulnerability, accurate Access Control List permissions should be set on any location where privileged processes perform actions, including the C:\ProgramData\Hotspot Shield\logs directory.
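A defender's check for the remediation above, as an added PowerShell example that is not part of the advisory or of the vendor's software: it audits the log directory for access-control entries that let broad principals write into it and, with -Harden, removes them. The list of "broad" principals and the hardened ACL shape are this example's assumptions, not the vendor's published fix.

```powershell
# Added example (not from the advisory or the vendor). Path is the one named in the
# advisory; principal list and hardened ACL shape are assumptions of this example.
param(
    [string]$Path = 'C:\ProgramData\Hotspot Shield\logs',
    [switch]$Harden
)

# Principals whose write access on a directory used by a privileged process is a red flag.
$broadPrincipals = @('Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE')

# Rights that allow creating or replacing entries (files, folders, reparse points) in the directory.
$fsr = [System.Security.AccessControl.FileSystemRights]
$writeRights = $fsr::Write -bor $fsr::Modify -bor $fsr::FullControl

function Get-BroadWriteAces {
    param([string]$Dir)
    $acl = Get-Acl -LiteralPath $Dir
    # Allow ACEs for a broad principal that carry any of the write rights above.
    $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        ($broadPrincipals -contains $_.IdentityReference.Value) -and
        (($_.FileSystemRights -band $writeRights) -ne 0)
    }
}

if (-not (Test-Path -LiteralPath $Path -PathType Container)) {
    Write-Warning "Directory not found: $Path"
    return
}

$findings = @(Get-BroadWriteAces -Dir $Path)
if ($findings.Count -eq 0) {
    Write-Output "OK: no broad write access on $Path"
    return
}
foreach ($ace in $findings) {
    Write-Output ("FINDING: {0} has {1} on {2} (inherited={3})" -f
        $ace.IdentityReference, $ace.FileSystemRights, $Path, $ace.IsInherited)
}

if ($Harden) {
    # Assumed hardened shape: stop inheriting from the parent (copying existing rules as explicit
    # ones), then drop the broad write ACEs; SYSTEM/Administrators rules are left untouched.
    $acl = Get-Acl -LiteralPath $Path
    $acl.SetAccessRuleProtection($true, $true)
    foreach ($ace in $acl.Access) {
        if (($broadPrincipals -contains $ace.IdentityReference.Value) -and
            (($ace.FileSystemRights -band $writeRights) -ne 0)) {
            $null = $acl.RemoveAccessRule($ace)
        }
    }
    Set-Acl -LiteralPath $Path -AclObject $acl
    Write-Output "Hardened ACL applied to $Path"
}
```

Run it from an elevated prompt without -Harden first to review the findings; the same check applies to any other directory a privileged service writes to.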

Source: NIST

Risk Crew