Notebookcheck

NordVPN and ProtonVPN obliged to push updates to patch new CVEs

Two prominent VPN providers have needed to push updates for vulnerabilities in their systems. (Source: danielmiessler.com)
Two prominent VPN providers have needed to push updates for vulnerabilities in their systems. (Source: danielmiessler.com)
Two popular VPNs have been reported as subject to newly-discovered security issues discovered by Cisco Talos. These flaws apply to those using the services on Windows PCs, and could allow a hacker access through a 'Connect' command. Both companies say they have issued updates to prevent this.

Working For Notebookcheck

Are you a techie who knows how to write? Then join our Team!

Currently wanted: 
News Editor - Details here

Update: A NordVPN spokesperson has asserted that the CVE had been patched by the time Cisco Talos reported on the vulnerability. Those who would like to know more on this issue are invited to follow this link

Original Article: If you are reading this on a Windows PC on which either NordVPN or ProtonVPN are running, then you may need to check that this service is fully updated. This is because both providers have been hit by one new common vulnerability or exposure (CVE) each. These flaws, discovered by Cisco Talos researchers, could allow a hacker to gain control over the app and, potentially, sensitive information sent using it.

Many people use virtual private networks (VPNs) for privacy and security online, and also perhaps to bypass georestrictions in some cases. Therefore, it would be ironic in the extreme if such an application was subject to hacking. NordVPN, a popular provider based in Panama, is affected by CVE-2018-4010. ProtonVPN, which has been set up by a group connected to MIT, has become associated with CVE-2018-3952.

Despite the fact that the two CVEs has been given different designations, they both basically do the same thing. It involves exploiting a similarity in the interfaces of the two services that may replace an OpenVPN configuration file that is activated by clicking 'Connect'. A replacement file with the right content could then hijack the VPN app to gain access to valuable information, or to hi-jack control of the interface.

On the other hand, NordVPN claims that, in the case of their interface at least, this hack requires direct access to a potential victim's computer. ProtonVPN has also asserted that CVE-2018-3952 requires additional, preliminary hacking steps for it to be exploited.

Representatives from both VPN providers have confirmed that their latest updates contain patches for the relevant CVE. Hopefully, this is the last we hear of compromized or hackable VPNs.

Source(s)

Read all 1 comments / answer
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2018 09 > NordVPN and ProtonVPN obliged to push updates to patch new CVEs
Deirdre O Donnell, 2018-09-11 (Update: 2018-09-14)