CVE-2019-12579

Published: Jul 11, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA Linux/macOS binary openvpn_launcher.64 binary is setuid root. This binary accepts several parameters to update the system configuration. These parameters are passed to operating system commands using a "here" document. The parameters are not sanitized, which allow for arbitrary commands to be injected using shell metacharacters. A local unprivileged user can pass special crafted parameters that will be interpolated by the operating system calls.

Affected (1)

Products: Londontrustmedia: Private Internet Access Vpn Client

Londontrustmedia

1 product

Private Internet Access Vpn Client

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Londontrustmedia Private Internet Access Vpn Client	Version 82

Running on/with	Platform Versions
Apple Macos	All versions
Linux Linux Kernel	All versions

Related CWEs

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (2)

https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12579.txt

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12579.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.