High severity8.8NVD Advisory· Published Oct 14, 2022· Updated Jun 17, 2026
CVE-2021-27406
CVE-2021-27406
Description
An attacker can take leverage on PerFact OpenVPN-Client versions 1.4.1.0 and prior to send the config command from any application running on the local host machine to force the back-end server into initializing a new open-VPN instance with arbitrary open-VPN configuration. This could result in the attacker achieving execution with privileges of a SYSTEM user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.4.1.0+ 1 more
- (no CPE)range: <=1.4.1.0
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- www.cisa.gov/uscert/ics/advisories/icsa-21-056-01nvdThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.