CVE-2023-36673

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Aug 9, 2023
Updated: Oct 31, 2023
CWE ID 319

Summary

CVE-2023-36673 is a vulnerability affecting Avira Phantom VPN for macOS through version 2.23.1. The issue arises due to the VPN client's insecure configuration, which causes all IP traffic to the VPN server's IP address to be sent in plaintext outside the VPN tunnel. Simultaneously, the client uses plaintext DNS to look up the VPN server's IP address. An attacker can exploit this vulnerability by spoofing DNS responses and tricking the victim into sending traffic to arbitrary IP addresses in plaintext, bypassing the VPN protection. This can potentially expose sensitive information, making it essential for Avira to release a patch as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share