Unrated severityNVD Advisory· Published Sep 20, 2019· Updated Aug 4, 2024
CVE-2019-6145
CVE-2019-6145
Description
Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <6.6.1
- Forcepoint/Forcepoint VPN Client for Windowsv5Range: versions earlier than 6.6.1
Patches
Vulnerability mechanics
References
2- help.forcepoint.com/security/CVE/CVE-2019-6145.htmlmitrex_refsource_CONFIRM
- safebreach.com/Post/Forcepoint-VPN-Client-for-Windows-Unquoted-Search-Path-and-Potential-Abuses-CVE-2019-6145mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.