CVE-2023-47267

Published: Dec 19, 2023Modified: Dec 17, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file.

Affected (3)

Products: Thegreenbow: Thegreenbow Vpn Client

Thegreenbow

1 product

Thegreenbow Vpn Client

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Thegreenbow Thegreenbow Vpn Client	From 6.87.001 to 6.87.109
Thegreenbow Thegreenbow Vpn Client	From 6.52.004 to 6.52.006
Thegreenbow Thegreenbow Vpn Client	From 6.87.001 to 6.87.108

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://www.thegreenbow.com/en/support/security-alerts/#deeplink-16093

Source: cve@mitre.org

Vendor Advisory

https://www.thegreenbow.com/en/support/security-alerts/#deeplink-16093

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.