Skip to content
Switch branches/tags
Go to file
Cannot retrieve contributors at this time

[VS-2018-019] Private Internet Access VPN for Windows Privilege Escalation Vulnerability



CVSS Score



London Trust Media, Inc


Private Internet Access VPN Client for Windows

Product Version


Vulnerability Details

A vulnerability in Private Internet Access VPN Client for Windows could allow an unauthenticated, local attacker to run executable files with elevated privileges. The vulnerability is due to insufficient implementation of the access controls. The Changelog and Help options available from the system tray context menu for the PIA VPN client spawns an elevated instance of the user's default web browser. An attacker could exploit this vulnerability by selecting Run as Administrator from the context menu of an executable file within the file browser of the spawned default web browser. This may allow the attacker to execute privileged commands on the targeted system.

Vendor Response

The vendor has released an update

Disclosure Timeline

  • 03-23-2018 - Vendor disclosure via email
  • 03-23-2018 - Vendor notified via Facebook
  • 03-23-2018 - Vendor response via email
  • 03-27-2018 - Vendor requests resubmission of disclosure to London Trust Media
  • 03-27-2018 - Resubmission of vendor disclosure
  • 03-27-2018 - Vendor responded with bug bounty offer
  • 03-27-2018 - VerSprite declined bounty
  • 03-28-2018 - Vendor submitted update for testing
  • 03-28-2018 - VerSprite Security tests update and confirms vulnerability resolution.
  • 04-05-2018 - Vendor releases update
  • 04-17-2018 - Vendor notified of the advisory release


Fabius Watson of VerSprite Security (@FabiusArtrel)