CVE-2023-50446

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 10, 2023

Updated: Dec 13, 2023

CWE ID 732

Summary

CVE-2023-50446 is a vulnerability affecting the Mullvad VPN Windows app prior to version 2023.6-beta1. This issue grants any local unprivileged user the ability to escalate privileges to the SYSTEM level due to insufficient permissions on a directory. Successful exploitation could result in significant system compromise, potentially leading to data theft or unauthorized system modifications. Users are advised to update their Mullvad VPN software to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mullvad VPN

Affected Vendors

Mullvad

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/twnHu5
https://www.cve.org/CVERecord?id=CVE-2023-50446
https://nvd.nist.gov/vuln/detail/CVE-2023-50446

Back to Vulnerability Database