Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-3483

Severity

6.2MEDIUM

EPSS

0.6%

top 29.85%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedAug 26

Latest updateMay 17

Description

Race condition in the runScript function in Tunnelblick 3.3beta20 and earlier allows local users to gain privileges by replacing a script file.

AV:L/AC:H/C:C/I:C/A:CExploitability: 1.9 | Impact: 10.0

GHSA

GHSA-899m-9g9c-jwh3: Race condition in the runScript function in Tunnelblick 3↗2022-05-17

▶

CVEList

CVE-2012-3483: Race condition in the runScript function in Tunnelblick 3↗2012-08-26

▶

Exploit-DB

Tunnelblick - Local Privilege Escalation (1)↗2012-08-11

▶

Exploit-DB

Tunnelblick - Local Privilege Escalation (2)↗2012-08-11

▶