CVE-2021-31776

Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
VendorProductVersion
aviatrixvpn_client
𝑥
< 2.14.14
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://docs.aviatrix.com/Downloads/samlclient.html
https://docs.aviatrix.com/Downloads/samlclient.html#windows-win
https://docs.aviatrix.com/HowTos/changelog.html#aviatrix-vpn-client-changelog
https://docs.aviatrix.com/Downloads/samlclient.html
https://docs.aviatrix.com/Downloads/samlclient.html#windows-win
https://docs.aviatrix.com/HowTos/changelog.html#aviatrix-vpn-client-changelog