Openvpn Connect
Monthly
Local privilege escalation in OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows unprivileged local users to execute arbitrary OS commands as root by abusing an exposed local IPC channel to the privileged background service. The flaw carries a CVSS 4.0 score of 9.4 with scope change (SC:H/SI:H/SA:H), and SSVC rates technical impact as total, though there is no public exploit identified at time of analysis and EPSS is only 0.04%.
Local privilege escalation in OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows unprivileged local users to execute arbitrary OS commands as root by abusing an exposed local IPC channel to the privileged background service. The flaw carries a CVSS 4.0 score of 9.4 with scope change (SC:H/SI:H/SA:H), and SSVC rates technical impact as total, though there is no public exploit identified at time of analysis and EPSS is only 0.04%.