VDB

GCVE-110-CLOUD-2022-0037

GCVE-110-CLOUD-2022-0037
Advisory Published
Vulnetix · Advisory published April 12, 2022
The AWS VPN Client application is affected by an arbitrary file write as SYSTEM, which can lead to privilege escalation and an information disclosure vulnerability that allows the user's Net-NTLMv2 hash to be leaked via a UNC path in a VPN configuration file.

Affected Products

VendorProductVersionsPlatforms
AWSCloud Services
AWSVPN
AWSConfig

References

advisory
advisory

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›