Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25989
Reference (s):
- https://github.com/pritunl/pritunl-client-electron/commit/89f8c997c6f93e724f68f76f7f47f8891d9acc2d
- https://vkas-afk.github.io/vuln-disclosures/