What the vulnerability does

01Description

A permission misconfiguration in UI Desktop for Windows (Version 0.59.1.71 and earlier) could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later.

Key dates

02Disclosure timeline

April 19, 2023 CVE published
February 5, 2025 Record updated