CVE-2020-36992 HIGH

CVE-2020-36992: Nord VPN-6.31.13.0 - 'nordvpn-service' Unquoted Service Path

Vendor Nordvpn
Product nordvpn
Weakness CWE-428
Published January 28, 2026
Last update March 5, 2026

CVSS base score

8.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Nord VPN 6.31.13.0 contains an unquoted service path vulnerability in its nordvpn-service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted binary path during system startup or reboot to potentially run malicious code with LocalSystem permissions.

Key dates

02Disclosure timeline

January 28, 2026 CVE published
March 5, 2026 Record updated