CVE-2021-35523: 
Securepoint SSL VPN Client vulnerability analysis and mitigation

Securepoint SSL VPN Client v2 before 2.0.32 on Windows contains a local privilege escalation vulnerability (CVE-2021-35523) that was discovered on April 14, 2021. The vulnerability affects versions from 2.0.15 up to 2.0.32 and allows non-privileged local users to escalate their privileges to NT AUTHORITY\SYSTEM through unsafe configuration handling (GitHub Advisory, NVD).

The vulnerability exists due to unsafe configuration handling in the OpenVPN configuration stored under '%APPDATA%\Securepoint SSL VPN'. The application uses two components: a user interface executed in the context of the current user and a Windows service executed as SYSTEM. The vulnerability allows attackers to modify the OpenVPN configuration and add external script files that are executed with SYSTEM privileges. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (Bogner Security, NVD).

The vulnerability allows local non-privileged users to gain full SYSTEM-level access to the affected Windows system. This enables attackers to execute arbitrary commands with the highest privileges, potentially leading to complete system compromise (GitHub Advisory).

Users should upgrade to Securepoint SSL VPN Client v2 version 2.0.32 or newer. Version 2.0.32 implements a check for script security settings and prevents script security levels higher than 1. Version 2.0.33 adds additional protection against configuration modification in the application directory and implements checksum verification for configurations (GitHub Advisory).