CyberSecurityBoard
Sponsor Register Login

IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems

Windows Local Privilege Escalation On Windows, the VPN client similarly stores its OpenVPN configuration in C:\Windows\Temp, a directory where standard users can create files and folders with full permissions. Linux Local Privilege Escalation On Linux, the VPN client temporarily stores an OpenVPN configuration file in the predictable /tmp/vpn_client_openvpn_configuration.ovpn location. A recent security assessment by Shelltrail has uncovered three critical vulnerabilities in the IXON VPN client, potentially allowing attackers to escalate privileges on both Windows and Linux systems. The IXON VPN client, a proprietary software downloaded from the portal, is essential for connectivity and runs a local web server on operating as a root-level systemd service on Linux and as NT Authority\SYSTEM on Windows. Shelltrail researchers discovered that an attacker could stall the VPN client and inject a malicious OpenVPN configuration by creating a named pipe (FIFO) at this path using the mkfifo command. By exploiting a race condition, attackers can use a PowerShell script to repeatedly overwrite the temporary configuration file with a malicious version, achieving SYSTEM-level code execution. IXON has been commended for its prompt response, addressing the privilege escalation vulnerabilities in version 1.4.4 of the VPN client. This server forwards the request to appending local configuration details and receiving an OpenVPN configuration file. IXON, a Dutch provider of industrial remote access solutions, offers a cloud-based VPN service requiring a physical device connected via Ethernet or mobile data. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02, and CVE-2025-ZZZ-03, these flaws expose users to local privilege escalation (LPE) risks, with one additional impact currently undisclosed. Details of this vulnerability remain confidential until IXON releases a public fix, as its exploitation could require significant configuration changes.

This Cyber News was published on cybersecuritynews.com. Publication date: Sun, 27 Apr 2025 10:40:07 +0000


Cyber News related to IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems

IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems - Windows Local Privilege Escalation On Windows, the VPN client similarly stores its OpenVPN configuration in C:\Windows\Temp, a directory where standard users can create files and folders with full permissions. Linux Local Privilege Escalation On ...
1 month ago Cybersecuritynews.com CVE-2025-ZZZ-01
Zcaler ThreatLabz 2024 VPN Risk Report - The growing sophistication of cyberthreats alongside the expansion of remote workforces and cloud technologies have exposed significant vulnerabilities in VPNs. Due to their legacy architecture, VPNs grant overly broad network access once credentials ...
1 year ago Cybersecurity-insiders.com
Cybersecurity Insiders - As the threat landscape rapidly evolves, VPNs cannot provide the secure, segmented access organizations need. The 2023 VPN Risk Report reveals the complexity of today's VPN management, user experience issues, vulnerabilities to diverse cyberattacks, ...
1 year ago Cybersecurity-insiders.com
Mullvad VPN Review: Features, Pricing, Pros & Cons - Visit Mullvad VPN. Mullvad VPN has built a solid reputation for being one of the best privacy-focused VPNs on the market. Visit Mullvad VPN. Mullvad offers a flat rate of €5 or $5.48 per month, regardless of subscription length. If you're looking ...
1 year ago Techrepublic.com
Atlas VPN Free vs. Premium: Which Plan Is Best For You? - When VPN providers offer free versions, you may be inclined to stick with that version. Atlas VPN Free is a lifetime-free version of the Atlas VPN service, which allows users to enjoy VPN services in four locations. In comparison, Atlas VPN Premium ...
1 year ago Techrepublic.com
CVE-2021-36845 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions < 1.3.8, there are 46 vulnerable parameters that were missed by the vendor while patching the 1.3.7 version to 1.3.8. ...
3 years ago
5 Best VPNs for Travel in 2024 - VPNs are software that encrypt your online activity and adjust your IP address, protecting sensitive company data and allowing you to access geo-restricted content at the same time. In this article, we take a look at the five best VPNs for travelers. ...
1 year ago Techrepublic.com
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
11 months ago
5 Best VPNs for Android in 2024 - See details VIsit ProtonVPN. see details Visit CyberGhost VPN. As more Android users rely on their smartphones to surf the web, virtual private networks have become essential tools to help secure your mobile connection, no matter where you are. One ...
1 year ago Techrepublic.com
Understanding the Complexities of VPNs: Balancing Privacy and Security in the Digital Age - A U.S. traveler in Europe might face restrictions accessing certain paid streaming services available in the U.S., which can be circumvented by a VPN masking the local European IP address, thus granting access to U.S.-based content. While VPNs appear ...
1 year ago Cysecurity.news
VPN for Your Phone: Key to Global Email Security While Traveling - You'll need to enter the details of your VPN connection, including the VPN name, type, server address, and any required authentication credentials. One essential way to use a VPN is to protect your email communications. A VPN can be side-loaded for ...
1 year ago Securityboulevard.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov
6 Best Anonymous VPNs for 2024 - VPNs are primarily used to secure online traffic and help users remain anonymous to avoid targeted ads, hide their location or ensure the security and privacy of their personal data. Though many VPN providers may advertise having a no-logs policy, ...
1 year ago Techrepublic.com
AVG Secure VPN vs Surfshark: Which VPN Is Better? - If you've been checking out competitor AVG Secure VPN and are wondering how it stacks up against Surfshark, I've got you covered in this review. I signed up for both VPNs and compared AVG and Surfshark head-to-head to help you decide which one is the ...
11 months ago Techrepublic.com
ZTNA over VPN Can Be a Good Place to Start Your Zero Trust Journey - Zero-trust network access has become the leading project for organizations looking to adopt zero-trust principles. Gartner predicts that 60% of organizations will be adopting zero trust by 2025,1 so there are lots of zero-trust projects going on. As ...
1 year ago Feeds.fortinet.com
Windows 10 Extended Security Updates Promised for Small Businesses and Home Users - Already common for enterprises, for the first time, individuals will also get the option to pay for extended security updates for a Windows operating system that's out of support. Windows 10 will stop getting free updates, including security fixes, ...
1 year ago Techrepublic.com
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
1 year ago Securityintelligence.com
Is your VPN reaching End of Maintenance? Don't let it put you at risk - To keep your business going and safe, it's time to move on to a new remote access solution. The transition away from AnyConnect is a fantastic opportunity to slip the surly bonds of legacy VPN appliances and transition to the cloud with a Secure ...
1 year ago Blog.checkpoint.com
Embedded Linux IoT Security: Defending Against Cyber Threats - Embedded Linux IoT systems are now essential parts of many different kinds of products, from industrial machinery and smart appliances to medical equipment and automobile systems. As Embedded Linux is being used widely, it has attracted the attention ...
1 year ago Securityboulevard.com
The Embedded Systems and The Internet of Things - The Internet of Things is a quite new concept dealing with the devices being connected to each other and communicating through the web environment. This concept is gaining its popularity amongst the embedded systems that exist - let's say - 10 or ...
1 year ago Cyberdefensemagazine.com
Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems - Two zero-day vulnerabilities have been discovered in Ivanti Secure VPN, a popular VPN solution used by organizations worldwide. The vulnerabilities are currently being exploited in the wild by at least one Chinese nation-state threat actor dubbed ...
1 year ago Techrepublic.com CVE-2023-46805 CVE-2024-21887
Save up to $315 on data privacy tools with AdGuard VPN - A virtual private network is a foundational data privacy tool for both professional life and your day-to-day browsing. AdGuard VPN offers one-year, three-year, and five-year subscriptions to cover all of your devices, anywhere in the world. AdGuard ...
1 year ago Bleepingcomputer.com
VPN Vulnerabilities Emerges As The Key Tool for Threat Actors to Attack Organizations - Two particularly concerning vulnerabilities continue to plague organizations worldwide: CVE-2018-13379, a path traversal vulnerability in Fortinet’s FortiGate SSL VPN devices, and CVE-2022-40684, an authentication bypass flaw affecting Fortinet ...
3 months ago Cybersecuritynews.com CVE-2018-13379
Microsoft fixes VPN failures caused by April Windows updates - The list of impacted Windows versions includes Windows 11, Windows 10, and Windows Server 2008 and later. Since Redmond includes all security fixes in a single update, uninstalling the April updates will also remove all fixes for patched security ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)