CVE-2023-7245

Published: 2024-02-20T11:15Z

Last Modified: 2025-04-02T20:11Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not properly configured, which allows a local user to execute arbitrary code within the nodejs process context via the ELECTRON_RUN_AS_NODE environment variable > MITRE Terms of Use apply – see LICENSE‑MITRE.txt