CVE-2014-5455
Published: 2014-08-25 · Last updated: 2026-05-28
Severity and scoring
- CVSS: 5.3 MEDIUM
- Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- CWE: CWE-428
Affected products
| Vendor | Product |
|---|---|
| openvpn | openvpn, privatetunnel |
| privatetunnel | openvpn, privatetunnel |
Description
Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.
Source: NVD
References
- [NVD] https://nvd.nist.gov/vuln/detail/CVE-2014-5455
- [Other] http://osvdb.org/show/osvdb/109007
- [Exploit reference] http://packetstormsecurity.com/files/127439/OpenVPN-Private-Tunnel-Privilege-Escalation.html
- [Exploit reference] http://www.exploit-db.com/exploits/34037
- [Exploit reference] http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5192.php
- [Other] https://github.com/CVEProject/cvelist/pull/3909
- [Other] https://github.com/CVEProject/cvelist/pull/3909/commits/ace34f1cf94602f31760d3eb7ae68e17df8f914d
- [Other] https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05325943
Related CVEs
Same vendor
- CVE-2026-9560 — Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary command... (7.8 HIGH)
Same CWE
- CVE-2021-47974 — VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows ... (7.8 HIGH)
- CVE-2020-37247 — Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalat... (7.8 HIGH)
- CVE-2020-37232 — Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary... (7.8 HIGH)
- CVE-2020-37231 — Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escal... (7.8 HIGH)
- CVE-2020-37230 — Syncplify.me Server (7.8 HIGH)