Vulnerability found in Mozilla VPN systems

Share on facebook
Share on twitter
Share on linkedin
Share on reddit

Vulnerability found in Mozilla VPN systems

Security researcher DoHyun Lee has found a vulnerability in Mozilla’s VPN software. Due to the vulnerability, a hacker who has access to a system could also gain system rights to completely take over a device.

Vulnerability

The vulnerability discovered by researcher DoHyun Lee is that Mozilla VPN can load an OpenSSL configuration from an insecure directory. A malicious person could gain system privileges through this vulnerability. If a hacker would have limited rights and access to the system, he could already gain full control over a device due to the vulnerability.

The security researcher has reported the vulnerability to Mozilla. Mozilla immediately released a security update for the VPN. The vulnerability has been fixed with the update.

Mozilla VPN

Mozilla is best known to most people for its widely used Firefox browser. Recently, the company also decided to launch a VPN. Mozilla currently still rents its server network from the renowned VPN provider Mullvad.

Mozilla still has a lot of improvement to make before their VPN service can compete with the better and more user-friendly VPN providers. Vulnerabilities like this also show that there is still work to be done.

For Mozilla VPN users, it is wise to update to Mozilla VPN 2.7.1 now, if this has not already been done automatically.

Catch up on more articles here

Follow us on Twitter here

Read more

Explore the site

More from the blog

Latest News