CVE-2020-25989: Improper Privilege Management

November 19, 2020 (updated July 21, 2021)

Privilege escalation via arbitrary file write in pritunl electron client through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges.

References

nvd.nist.gov/vuln/detail/CVE-2020-25989

Code Behaviors & Features

Detect and mitigate CVE-2020-25989 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →