Mozilla VPN1 [0-Day] CVE-2022-0517 - Mozilla VPN Privilege Escalation Vulnerability Title Mozilla VPN Privilege Escalation Vulnerability Summary A Uncontrolled Search Path Element vulnerability exists in the libcrypto-1_1-x64.dll. Attackers place arbitrarily generated openssl.cnf files in the C:\MozillaVPNBuild\SSL to exploit this vulnerability. Security Severity High Root Cause Analysis We can check the logic of loading the openssl.cnf file from the call stack above. libcrypto.. 2022. 4. 30. 이전 1 다음