Two major providers of Virtual Private Networks (VPN) had to deal with errors in their services, which allowed hackers and other malicious parties to execute random code. Researchers at Cisco Talos, who also state that users of ProtonVPN and NordVPN were at serious risk, confirm this.
These are vulnerabilities with the names CVE-2018-3952 and CVE-2018-4010. They were on Windows devices until recently, but have been patched. Even with the patches the code can still be executed, provided that the person who does this has admin rights. The first patches were released in the course of April. In the meantime, the last problems have also been solved.
All problems solved
NordVPN released a second and final patch last August, which solved the code problems. ProtonVPN released the last patch this month. All customers are advised to roll out the patches as soon as possible, so that they are protected against possible attacks.
According to the ZDNet site, the problem with the bugs lies in the rights management of accounts, which inadvertently gives certain users more rights than necessary. In a reaction, spokespeople from both companies stated that the bugs had been fixed. Specifically, ProtonVPN notifies its users that it has sent a prompt to let them know to perform the update. NordVPN has also done something similar, stating that none of its users is at risk anymore.
At the same time, it is striking that both companies had to release two updates to their code in order to get the problems solved definitively. It is not known whether it was actually abused, but NordVPN points out that it could only have been used if someone had access to the victim’s device, so that the chance of this happening would be relatively small.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.