mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-14 23:28:04 +02:00
0xMarcio
784 B
784 B
CVE-2022-24141
Description
The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastate_iTopVPN_Pipe_Server on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient().