Dangerous Vulnerability Found in Mozilla VPN Client


No patch is available yet for this issue.

The Linux version of the Mozilla VPN client “has been affected by a dangerous security issue within the software's authentication process” for the past few months, reports Alfonso Maruccia.

The flaw was discovered by SUSE developers, who found that the program contains a “privileged D-Bus service running as root and a Polkit policy.”

They disclosed the issue to Mozilla in May but failed to get a proper response, Maruccia says. “Mozilla has now assigned the issue a CVE-2023-4104 tracking code, while plans are already in motion to change the authentication process in the VPN client.”

Read more at TechSpot.



Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=