Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30  
Release Date: 29-Jun-2021  
Author: Florian Bogner @  
Affected product: Securepoint SSL VPN Client   
Fixed in: version 2.0.32  
Tested on: Windows 10 x64 fully patched  
CVE: CVE-2021-35523  
Vulnerability Status: Fixed with new release  

Vulnerability Description (copied from the CVE Details)  
Securepoint SSL VPN Client v2 before 2.0.32 on Windows has unsafe configuration handling that enables local privilege escalation to NT AUTHORITY\SYSTEM. A non-privileged local user can modify the OpenVPN configuration stored under "%APPDATA%\Securepoint SSL VPN" and add an external script file that is executed as a privileged user.  
A full vulnerability description is available here:   

Suggested Solution  
End-users should update to the latest available version.  

Disclosure Timeline  
14.04.2021: The vulnerability was discovered and reported to  
15.04.2021: The report was triaged  
26.04.2021: Securepoint SSL VPN Client Version 2.0.32 was released, which contains an initial fix for the vulnerability  
23.06.2021: Securepoint SSL VPN Client Version 2.0.34 was released, which contains additional security measures.  
28.06.2021: CVE-2021-35523 was assigned:   
29.06.2021: Responsible disclosure in cooperation with Securepoint:  

Florian Bogner  
Information Security Expert, Speaker  
Bee IT Security Consulting GmbH  
Nibelungenstraße 37  
3123 A-Schweinern