image credit: Flickr

Vulnerability Patched in Forcepoint VPN Client for Windows

September 20, 2019

The flaw, tracked as CVE-2019-6145 and described as an unquoted search path issue, affects Forcepoint VPN Client for Windows versions prior to 6.6.1, which includes a patch.

The Forcepoint VPN Client provides a secure connection between endpoint devices and a gateway on the Forcepoint Next Generation Firewall (Forcepoint NGFW).

According to SafeBreach, when the client application is launched, a process named sgvpn.exe is executed with NT AUTHORITY\SYSTEM privileges. This process then attempts to run several executable files from “C:\” and the “C:\Program Files (x86)\Forcepoint\” folder.

Read More on Security Week