VYPR

Viscosity

by Viscosity

CVEs (4)

  • CVE-2012-4284CriJan 10, 2020
    risk 0.72cvss 9.8epss 0.70

    A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code

  • CVE-2017-20123HigJun 30, 2022
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the…

  • CVE-2020-5180HigJan 14, 2020
    risk 0.51cvss 7.8epss 0.00

    Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. (When a VPN connection is initiated using…

  • CVE-2025-4412MedMay 27, 2025
    risk 0.31cvss epss 0.00

    On macOS systems, by utilizing a Launch Agent and loading the viscosity_openvpn process from the application bundle, it is possible to load a dynamic library with Viscosity's TCC (Transparency, Consent, and Control) identity. The acquired resource access is limited without…