SUSE security experts have discovered a critical vulnerability in the Mozilla VPN client 2.14.1 for Linux. The issue allows any local user on the system to establish their own VPN connection, redirect network traffic, and tamper with existing VPN settings, which is especially dangerous on computers shared by multiple users.

The vulnerability was discovered during a security review, when the SUSE team decided to add the Mozilla VPN client to the openSUSE Tumbleweed Linux distribution. During that standard review procedure, the experts found that the VPN package includes a privileged D-Bus service running as root together with a Polkit (PolicyKit authorization framework) policy.

Experts note that, because of the way the authorization check is written, the code asks Polkit whether Mozilla VPN's own privileged D-Bus service is authorized, rather than whether the D-Bus client that made the call is authorized. Since the D-Bus service runs as root, Polkit answers yes every time. This means the D-Bus call succeeds for any user account, regardless of that user's privileges.

In the Mozilla VPN client for Linux, this D-Bus service handles VPN connection requests and other VPN-related operations on behalf of the unprivileged client. The problem is that, because of the flawed authorization check in the service, any user on the system could perform actions that normally require administrator privileges.
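To make the flaw concrete, here is an added example (not Mozilla VPN code, and not Polkit's real implementation): a small Python model of polkitd's decision, with the daemon's authorization check written the vulnerable way and the corrected way. The action id, pids and uids are constructed values, and the model hard-codes the service's own credentials as uid 0 instead of reading them from the running process, so it can be run by any user.

```python
"""Model of the Polkit authorization bug behind CVE-2023-4104.

Added example, not Mozilla VPN code.  Polkit's decision logic is reduced to
the two rules that matter here: a subject running as uid 0 is always
authorized, and otherwise the action's implicit authorization for an
active session (yes / no / auth_self / auth_admin ...) applies.  A real
service would call org.freedesktop.PolicyKit1.Authority.CheckAuthorization
over the system bus; here the authority, the action id and the uids are
constructed stand-ins.
"""
from dataclasses import dataclass

ACTION_ID = "org.example.vpn.activate"  # hypothetical action id


@dataclass(frozen=True)
class Subject:
    """A Polkit 'unix-process' subject: the process whose rights are checked."""
    pid: int
    uid: int


class PolkitAuthority:
    """Stand-in for polkitd's CheckAuthorization (non-interactive calls)."""

    def __init__(self, implicit_active: dict):
        # action id -> value of <allow_active> from the .policy file
        self.implicit_active = implicit_active

    def check_authorization(self, subject: Subject, action_id: str) -> bool:
        if subject.uid == 0:
            return True  # root subjects are implicitly authorized
        default = self.implicit_active.get(action_id, "no")
        if default == "yes":
            return True
        # "no", "auth_self", "auth_admin" and the *_keep variants all fail
        # when no authentication agent is allowed to prompt the user.
        return False


class VulnerableService:
    """Privileged daemon that asks Polkit about its own process.

    The daemon runs as root, so whatever it asks about itself is authorized
    and every D-Bus caller gets through.  own_process is fixed to uid 0 so
    the model behaves like the root daemon even when run unprivileged.
    """

    def __init__(self, authority: PolkitAuthority, own_process: Subject):
        self.authority = authority
        self.own_process = own_process

    def is_caller_authorized(self, caller: Subject) -> bool:
        # BUG: the caller's credentials are never used.
        return self.authority.check_authorization(self.own_process, ACTION_ID)


class FixedService:
    """Same daemon, but the subject is the D-Bus client that sent the call.

    A real service obtains these credentials from the bus daemon
    (org.freedesktop.DBus.GetConnectionUnixProcessID / GetConnectionUnixUser
    on the message sender), or hands Polkit a 'system-bus-name' subject and
    lets polkitd resolve it.  Here the resolved caller is passed in directly.
    """

    def __init__(self, authority: PolkitAuthority):
        self.authority = authority

    def is_caller_authorized(self, caller: Subject) -> bool:
        return self.authority.check_authorization(caller, ACTION_ID)


def demo() -> dict:
    """Run both checks for an unprivileged caller and for root."""
    authority = PolkitAuthority({ACTION_ID: "auth_admin"})
    daemon = Subject(pid=4242, uid=0)            # the root D-Bus service
    unprivileged = Subject(pid=31337, uid=1000)  # hypothetical local user
    root_caller = Subject(pid=1, uid=0)
    vulnerable = VulnerableService(authority, daemon)
    fixed = FixedService(authority)
    return {
        "vulnerable_allows_user": vulnerable.is_caller_authorized(unprivileged),
        "fixed_allows_user": fixed.is_caller_authorized(unprivileged),
        "fixed_allows_root": fixed.is_caller_authorized(root_caller),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The check a practitioner wants to carry away: a privileged D-Bus service must never build the Polkit subject from its own pid or uid. The subject has to describe the message sender, either by asking the bus daemon for the sender's process and user, or by passing a `system-bus-name` subject so polkitd does the lookup itself.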

Mozilla was notified of the problem on May 4 but did not make it public. SUSE received no further information about the bug until June 12, when the vulnerability was disclosed in a pull request on Mozilla's VPN repository on GitHub.

The vulnerability has been assigned the identifier CVE-2023-4104. A Mozilla spokesperson said the organization plans to share more information shortly. Mozilla VPN users on Linux should be aware of this vulnerability and watch for an updated client so they can install the fix as soon as it is available.
