Unrated severity · NVD Advisory · Published May 25, 2026

Nord VPN 6.14.31 Denial of Service via Password Field

CVE-2018-25368

Description

Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers can paste a buffer of repeated characters into the password input field to trigger an application crash when attempting to authenticate.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Nord VPN 6.14.31 crashes when an unauthenticated attacker submits an excessively long password string, enabling denial of service.

Vulnerability

NordVPN version 6.14.31 and earlier contains a denial-of-service vulnerability in the password input field. The application fails to properly validate the length of the password string, leading to excessive memory allocation (CWE-789) when an attacker submits a buffer of repeated characters. This issue is reachable without authentication and affects the desktop client on Windows [1][2].

Exploitation

An attacker with local access to the machine can trigger the vulnerability by copying a long string (e.g., 100,000 A characters) from a file and pasting it into the password field of the NordVPN login dialog. When the user attempts to authenticate, the application crashes due to the oversized input. No special privileges or user interaction beyond pasting the string are required [2].

Impact

Successful exploitation causes the NordVPN application to crash, resulting in a denial of service. No data is disclosed, modified, or permanently lost; the application must be restarted to resume normal operation [1][2].

Mitigation

No official fix is documented in the available references. Users should ensure they are running the latest version of NordVPN and apply any updates from the vendor. As a workaround, avoid pasting untrusted or excessively long strings into the password field [1][2].
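A developer-side control for the unvalidated password length described under Vulnerability, as an added example that is not NordVPN's code and does not come from the cited references. The handler name, the status codes and the 1024-byte limit are assumptions; the point shown is that the length is rejected before any allocation, so memory use is bounded by policy rather than by what is pasted.

```c
#include <stdlib.h>
#include <string.h>
/* Assumed policy limit; the advisory does not say what limit the vendor uses. */
#define MAX_PASSWORD_BYTES 1024

typedef enum { CRED_OK = 0, CRED_EMPTY, CRED_TOO_LONG, CRED_NO_MEMORY } cred_status;

/* Hypothetical handler for bytes arriving from a password field.
 * The length is checked BEFORE any allocation or copy, so the allocation
 * size is capped by policy, not by the caller (CWE-789). */
cred_status accept_password(const char *input, size_t input_len,
                            char **out, size_t *out_len)
{
    *out = NULL; *out_len = 0;
    if (input == NULL || input_len == 0)
        return CRED_EMPTY;
    if (input_len > MAX_PASSWORD_BYTES)
        return CRED_TOO_LONG;            /* reject; never truncate silently */
    char *copy = malloc(input_len + 1);  /* at most MAX_PASSWORD_BYTES + 1 */
    if (copy == NULL)
        return CRED_NO_MEMORY;           /* report the failure instead of crashing */
    memcpy(copy, input, input_len);
    copy[input_len] = '\0';
    *out = copy;
    *out_len = input_len;
    return CRED_OK;
}

/* Wipe and free a buffer returned by accept_password(); NULL is a no-op. */
void release_password(char *buf, size_t len)
{
    if (buf == NULL) return;
    volatile char *p = buf;
    while (len--) *p++ = 0;
    free(buf);
}

/* Constructed regression input: n repetitions of 'A', as in the advisory. */
cred_status try_repeated_a(size_t n)
{
    char *big = malloc(n), *out;
    size_t out_len;
    if (big == NULL) return CRED_NO_MEMORY;
    memset(big, 'A', n);
    cred_status st = accept_password(big, n, &out, &out_len);
    release_password(out, out_len);
    free(big);
    return st;
}
```

Calling `try_repeated_a` with the 100,000-character case and with lengths on either side of the limit makes a compact regression test for any input handler of this kind.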

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

References

3
