CVE-2024-45750 – TheGreenBow VPN Authentication Bypass Arbitrary Code Execution Vulnerability

CVE ID : CVE-2024-45750

Published : Sept. 25, 2024, 6:15 p.m. | 2 hours, 54 minutes ago

Description : An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2024-45750

Published : Sept. 25, 2024, 6:15 p.m. | 2 hours, 54 minutes ago

Description : An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…