Securepoint SSL VPN Client 2.0.30 Local Privilege Escalation

Securepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability.

MD5 | 208329c265e24386a862dffeddea96d3

Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30

Release Date: 29-Jun-2021
Author: Florian Bogner @
Affected product: Securepoint SSL VPN Client
Fixed in: version 2.0.32
Tested on: Windows 10 x64 fully patched
CVE: CVE-2021-35523
Vulnerability Status: Fixed with new release

Vulnerability Description (copied from the CVE Details)
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add a external script file that is executed as privileged user.

A full vulnerability description is available here:

Suggested Solution
End-users should update to the latest available version.

Disclosure Timeline
14.04.2021: The vulnerability was discovered and reported to [email protected]
15.04.2021: The report was triaged
26.04.2021: Securepoint SSL VPN Client Version 2.0.32 was released, which contains an initial fix for the vulnerability
23.06.2021: Securepoint SSL VPN Client Version 2.0.34 was released, which contains additional security measures.
28.06.2021: CVE-2021-35523 was assigned:
29.06.2021: Responsible disclosure in cooperation with Securepoint:


Florian Bogner
Information Security Expert, Speaker

Bee IT Security Consulting GmbH
Nibelungenstraße 37
3123 A-Schweinern

Mail: [email protected]

Related Posts