VDB
GCVE-110-CLOUD-2022-0037
GCVE-110-CLOUD-2022-0037
Advisory Published
The AWS VPN Client application is affected by an arbitrary file write as SYSTEM,
which can lead to privilege escalation and an information disclosure vulnerability
that allows the user's Net-NTLMv2 hash to be leaked via a UNC path in a VPN configuration file.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| AWS | Cloud Services | — | — |
| AWS | VPN | — | — |
| AWS | Config | — | — |
Aliases
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.