QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-24141

Back to search

CVE-2022-24141

Published: Jul 6, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastate_iTopVPN_Pipe_Server on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient().

VendorProductVersions

n/a

n/a

affected
n/a

References

http://iobit.com
x_refsource_MISC
http://itop.com
x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now