An up-to-date fix code has been issued to resolve a vulnerability in the Forcepoint VPN Client for Windows software.
Last week SafeBreach Labs researchers discovered a security flaw, codenamed CVE-2019-6145. Specifically, they stated that this error could be used, not only to increase the activities of hackers but also to maintain persistence in an infected system.
This problem exists in Forcepoint VPN Client software for Windows version 6.6.0 or earlier, and is rated 6,5 severity.
In the VPN client software, known as Stonesoft VPN Client, a coding problem meant that during startup sequences on machines Windows the VPN is trying to run programs from C: \ Program.exe and C: \ Program Files (x86) \ Forcepoint \ VPN.exe incorrectly. The client runs the Windows sgvpn.exe service as NT AUTHORITY \ SYSTEM and this requires administrator permissions.
It is worth noting that for a hacker to do exploit the vulnerability must already have administrator rights.
Researchers reported their findings to Forcepoint on 5 in September and company confirmed the validity of the vulnerability on the same day. A CVE was issued on 16 September, and following the release of a patch, Forcepoint published security instructions on 19 September.
For all of the above, experts recommend Forcepoint VPN users to do Update in an 6.6.1 version, if not a newer one so that they are as protected as possible.
How useful was this post?
Average rating / 5. Vote count: