🚀 A CloudSEK se torna a primeira empresa de segurança cibernética de origem indiana a receber investimentos da Estado dos EUA fundo
🚀 CloudSEK se torna a primeira empresa indiana de segurança cibernética a fazer parceria com o The Private Office
🚀 O CloudSEK aumentou Rodada da Série B1 de $19 milhões — Potencializando o futuro da cibersegurança preditiva
Home
Threat Intelligence Posts
Vulnerability Intelligence

SaferVPN Windows Local Privilege Escalation Vulnerability Threat Intel Advisory

CloudSEK threat intelligence advisory on SaferVPN local privilege escalation vulnerability tracked as CVE-2020-26050 affects Windows systems
Updated on
February 17, 2026
Published on
January 19, 2021
Read MINUTES
5
Subscribe to the latest industry news, threats and resources.
Advisory
 Vulnerability Intelligence
CVE
 CVE-2020-26050/Local Privilege Escalation
Application/Platform
 SaferVPN/Windows
  The vulnerability discovered in SaferVPN Windows app, tracked as CVE-2020-26050, allows local privilege escalation on the Windows system. This is due to the execution of an associated binary in the context of NT AUTHORITY\SYSTEM, which is the highest privilege on Windows systems. The SaferVPN application spawns openvpn.exe binary while connecting to a VPN server. The binary, then, runs in the context of NT AUTHORITY\SYSTEM and loads an openssl configuration file (openssl.cnf) from a non-existing folder in the C:\ directory. This can be abused by threat actors, whereby they replace the configuration file with a malicious one. Since the configuration file is run by NT AUTHORITY\SYSTEM, the attacker will get full control over the target system.
Affected Versions
  • SaferVPN 5.0.3.3 to  5.0.4.15 (Latest release)
Configuration Directory
  • C:\etc\ssl\openssl.cnf

Impact

  • Attackers can escalate the privilege from a normal user to the system, thereby gaining full control over the target.
  • High privilege can be abused by the attacker to make system level changes to further the attack.
  • Attackers can disable critical security services on the system by abusing the system privilege.

Mitigation

  • SaferVPN has not released a patch for this vulnerability, yet.
CloudSEK Platform is a no-code platform that powers our products with predictive threat analytic capabilities.
Recent Posts

Recent Articles

Anonymous Sudan Claims Successful Takedown of First Abu Dhabi Bank Website & Application Via DDoS Attacks
May 29, 2023
3,20,000+ Patient Records From Ayush Jharkhand Gov. In Shared On Dark Web Hacking Forums
September 4, 2023

Get Global Threat Intelligence on Real Time

Protect your business from cyber threats with real-time global threat intelligence data.. 30-day free and No Commitment Trial.
Schedule a Demo
Real time Threat Intelligence Data
More information and context about Underground Chatter
On-Demand Research Services
Dashboard mockup
Global Threat Intelligence Feed

Protect and proceed with Actionable Intelligence

The Global Cyber Threat Intelligence Feed is an innovative platform that gathers information from various sources to help businesses and organizations stay ahead of potential cyber-attacks. This feed provides real-time updates on cyber threats, including malware, phishing scams, and other forms of cybercrime.
Trusted by 400+ Top organisations
Get started
Learn more