CVE-2019-12571

Published: Jul 11, 2019Modified: Nov 21, 2024

7.1

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Exploitability: 1.8 / Impact: 5.2

Source: NVD

Description

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta (build 02099) for macOS could allow an authenticated, local attacker to overwrite arbitrary files. When the client initiates a connection, the XML /tmp/pia-watcher.plist file is created. If the file exists, it will be truncated and the contents completely overwritten. This file is removed on disconnect. An unprivileged user can create a hard or soft link to arbitrary files owned by any user on the system, including root. This creates a denial of service condition and possible data loss if leveraged by a malicious local user.

Affected (1)

Products: Londontrustmedia: Private Internet Access Vpn Client

Londontrustmedia

1 product

Private Internet Access Vpn Client

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Londontrustmedia Private Internet Access Vpn Client	Version 0.9.8 beta

Running on/with	Platform Versions
Apple Macos	All versions

Related CWEs

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (2)

https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12571.txt

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12571.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.