CVE-2024-45750 (GCVE-0-2024-45750)
Vulnerability from cvelistv5 – Published: 2024-09-25 00:00 – Updated: 2024-09-26 19:02
VLAI?
Summary
An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel.
Severity ?
7.3 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:thegreenbow:android_vpn:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android_vpn",
"vendor": "thegreenbow",
"versions": [
{
"lessThanOrEqual": "6.4.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:thegreenbow:vpn_client_linux:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vpn_client_linux",
"vendor": "thegreenbow",
"versions": [
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:thegreenbow:windows_standard_vpn:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_standard_vpn",
"vendor": "thegreenbow",
"versions": [
{
"lessThanOrEqual": "6.87.108",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:thegreenbow:windows_enterprise_vpn:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "windows_enterprise_vpn",
"vendor": "thegreenbow",
"versions": [
{
"lessThanOrEqual": "7.5.007",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:thegreenbow:vpn_client_macos:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vpn_client_macos",
"vendor": "thegreenbow",
"versions": [
{
"lessThanOrEqual": "2.4.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-45750",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T18:48:36.428721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T19:02:46.569Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T17:44:35.717372",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://thegreenbow.com"
},
{
"url": "https://www.thegreenbow.com/en/support/security-alerts/#deeplink-17024"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-45750",
"datePublished": "2024-09-25T00:00:00",
"dateReserved": "2024-09-06T00:00:00",
"dateUpdated": "2024-09-26T19:02:46.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel.\"}, {\"lang\": \"es\", \"value\": \"Un problema en TheGreenBow Windows Standard VPN Client 6.87.108 (y anteriores), Windows Enterprise VPN Client 6.87.109 (y anteriores), Windows Enterprise VPN Client 7.5.007 (y anteriores), Android VPN Client 6.4.5 (y anteriores), VPN Client Linux 3.4 (y anteriores), VPN Client MacOS 2.4.10 (y anteriores) permite a un atacante remoto ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de la fase de autenticaci\\u00f3n IKEv2, acepta firmas ECDSA malformadas y establece el t\\u00fanel.\"}]",
"id": "CVE-2024-45750",
"lastModified": "2024-09-26T19:35:17.850",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.4}]}",
"published": "2024-09-25T18:15:05.043",
"references": "[{\"url\": \"https://thegreenbow.com\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.thegreenbow.com/en/support/security-alerts/#deeplink-17024\", \"source\": \"cve@mitre.org\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-45750\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-09-25T18:15:05.043\",\"lastModified\":\"2024-09-26T19:35:17.850\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel.\"},{\"lang\":\"es\",\"value\":\"Un problema en TheGreenBow Windows Standard VPN Client 6.87.108 (y anteriores), Windows Enterprise VPN Client 6.87.109 (y anteriores), Windows Enterprise VPN Client 7.5.007 (y anteriores), Android VPN Client 6.4.5 (y anteriores), VPN Client Linux 3.4 (y anteriores), VPN Client MacOS 2.4.10 (y anteriores) permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la fase de autenticaci\u00f3n IKEv2, acepta firmas ECDSA malformadas y establece el t\u00fanel.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"references\":[{\"url\":\"https://thegreenbow.com\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.thegreenbow.com/en/support/security-alerts/#deeplink-17024\",\"source\":\"cve@mitre.org\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-45750\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-26T18:48:36.428721Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:thegreenbow:android_vpn:*:*:*:*:*:*:*:*\"], \"vendor\": \"thegreenbow\", \"product\": \"android_vpn\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.4.5\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:thegreenbow:vpn_client_linux:*:*:*:*:*:*:*:*\"], \"vendor\": \"thegreenbow\", \"product\": \"vpn_client_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"3.4\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:thegreenbow:windows_standard_vpn:*:*:*:*:*:*:*:*\"], \"vendor\": \"thegreenbow\", \"product\": \"windows_standard_vpn\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.87.108\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:thegreenbow:windows_enterprise_vpn:*:*:*:*:*:*:*:*\"], \"vendor\": \"thegreenbow\", \"product\": \"windows_enterprise_vpn\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"7.5.007\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:thegreenbow:vpn_client_macos:*:*:*:*:*:*:*:*\"], \"vendor\": \"thegreenbow\", \"product\": \"vpn_client_macos\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2.4.10\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-26T18:49:32.215Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://thegreenbow.com\"}, {\"url\": \"https://www.thegreenbow.com/en/support/security-alerts/#deeplink-17024\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN Client 6.87.109 (and older), Windows Enterprise VPN Client 7.5.007 (and older), Android VPN Client 6.4.5 (and older) VPN Client Linux 3.4 (and older), VPN Client MacOS 2.4.10 (and older) allows a remote attacker to execute arbitrary code via the IKEv2 Authentication phase, it accepts malformed ECDSA signatures and establishes the tunnel.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-09-25T17:44:35.717372\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-45750\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-26T19:02:46.569Z\", \"dateReserved\": \"2024-09-06T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-09-25T00:00:00\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…