High severity7.8NVD Advisory· Published Jun 29, 2022· Updated Jun 17, 2026
CVE-2017-20112
CVE-2017-20112
Description
A vulnerability has been found in IVPN Client 2.6.6120.33863 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument --up cmd leads to improper privilege management. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.6.2 is able to address this issue. It is recommended to upgrade the affected component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2up to 2.6.6120.33863, fixed in 2.6.2+ 1 more
- (no CPE)range: up to 2.6.6120.33863, fixed in 2.6.2
- (no CPE)range: 2.6.6120.33863
Patches
Vulnerability mechanics
References
3- github.com/kacperszurek/exploits/blob/master/IVPN/ivpn_privilege_escalation.pynvdExploitThird Party Advisory
- seclists.org/fulldisclosure/2017/Feb/14nvdMailing ListThird Party Advisory
- vuldb.comnvdPermissions RequiredThird Party Advisory
News mentions
0No linked articles in our index yet.