NordVPN has announced the results of an independent audit conducted by German cybersecurity firm Cure53, an experienced expert in VPN evaluation.
NordVPN is a leading and highly-trusted VPN service provider, and audits from independent firms help reinforce its credibility by validating its technical excellence promises and assuring customers that they are not mere marketing tactics.
These security audits can often discover unknown security problems on the VPN services, helping the vendor fix them before hackers have a chance to exploit them.
The scope of this latest audit covered both NordVPN’s infrastructure and applications, so it was pretty wide and comprehensive.
NordVPN’s infrastructure compromises the servers that manage the VPN connections and facilitate the transfer of data between clients and websites and online services, but also includes authentication systems, encryption mechanisms, and supporting elements such as switches, routers, and firewalls.
Cure53 examined the above between September and October 2022 and found a medium-severity arbitrary file read vulnerability, an issue of local code execution potentially leading to privilege escalation, and a Docker container escape problem.
Between July and August 2022, Cure53 examined all NordVPN apps for desktop and mobile, as well as the vendor’s websites, browser extensions, and APIs. The findings of that penetration testing report are more extensive.
Specifically, Cure53 found a critical-severity flaw on the Linux client, allowing privilege escalation to root via notifications. The root is the administrator on Linux systems, so having the ability to execute commands as such can have catastrophic consequences.
Another important finding was