Nord Security, the company behind NordVPN and other products, commissioned an extensive security audit of NordVPN applications, add-ons, web services and APIs in June 2022. The audit was carried out by Cure53, a German firm specialized in security audits.
Cure53 was tasked to conduct a penetration test and source code audit against “NordVPN servers, infrastructure, and NordVPN desktop applications for Windows, Linux, and macOS”. The audit ran from July 2022 to October 2022 and was split into three work packages.
Note: Bitwarden, makers of the password management service, posted the results of a security audit of Bitwarden by Cure53 today as well.
The results of the audit were published by NordVPN on the official company website. There, users find the two Cure53 reports.
The researchers identified a total of 6 vulnerabilities and 17 miscellaneous items with “lower exploitation potential”. While the number of identified items appears large, Cure53 notes that the scope of the audit was also large, as it involved applications, extensions, infrastructure, source code and web services that NordVPN operates.
NordVPN fixed all security issues that the researchers identified during the audit. Cure53 reviewed the patches and confirmed that NordVPN implemented the mitigations correctly.
Tip: you can check out our latest NordVPN review here.
NordVPN: the major security issues
One of the issues received a critical rating, two a high rating. The critical issue affected the NordVPN daemon on Linux systems. The researchers noticed that it embedded “the environment variables of a foreign process into the command line” to send desktop notifications on KDE and GNOME systems. Since the owner of a process controls its environment, values taken from it are untrusted input, and placing them into a command line executed by a privileged daemon is a command injection risk.
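As an added illustration of the Linux daemon finding (example code, not NordVPN's or Cure53's), the script below builds a stand-in for another process's `/proc/<pid>/environ`, splices a value from it into a shell command the way a vulnerable daemon might, and then runs the same notification with an argv list and an explicit environment. The environ contents, the `echo` stand-in for the notification command and the function names are constructed for the example.

```python
"""Added example (not NordVPN's code): why splicing another process's
environment variables into a shell command line is dangerous, and the
argv/env form that avoids it."""
import os
import subprocess
import tempfile


def constructed_environ(marker_path):
    """Constructed stand-in for /proc/<pid>/environ: NUL-separated KEY=VALUE
    entries. The user who owns the process controls every byte, so a root
    daemon reading it must treat each value as untrusted. Here DISPLAY
    carries a shell payload that creates marker_path if it ever runs."""
    return b"\0".join([
        b"DISPLAY=:0; touch " + marker_path.encode() + b"; :",
        b"DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus",
        b"HOME=/home/alice",
    ]) + b"\0"


def parse_environ(blob):
    """Parse the NUL-separated environ format into a dict."""
    env = {}
    for entry in blob.split(b"\0"):
        if b"=" in entry:
            key, _, value = entry.partition(b"=")
            env[key.decode(errors="replace")] = value.decode(errors="replace")
    return env


def notify_vulnerable(env, message):
    """Embeds the foreign DISPLAY value into a shell command string (the
    pattern in the Linux daemon finding). Shell metacharacters inside the
    value execute with the daemon's privileges. echo stands in for the
    real notification command."""
    cmd = f"DISPLAY={env['DISPLAY']} echo {message}"
    subprocess.run(cmd, shell=True, check=False,
                   stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)


def notify_hardened(env, message):
    """Pass the values as data: an argv list (no shell) and an explicit,
    minimal environment. DISPLAY is still attacker-chosen, but it can no
    longer become code, and the daemon's own environment is not inherited."""
    child_env = {"PATH": "/usr/bin:/bin", "DISPLAY": env["DISPLAY"]}
    subprocess.run(["/bin/echo", message], env=child_env, check=False,
                   stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)


def demo(run_notify):
    """Run one variant against the constructed environ and report whether
    the injected command executed (i.e. the marker file appeared)."""
    with tempfile.TemporaryDirectory() as d:
        marker = os.path.join(d, "pwned")
        run_notify(parse_environ(constructed_environ(marker)), "hello")
        return os.path.exists(marker)


if __name__ == "__main__":
    print("vulnerable variant ran injected command:", demo(notify_vulnerable))
    print("hardened variant ran injected command:", demo(notify_hardened))
```

Any value lifted from a foreign process's environment must reach the child as an argument or an environment entry, never by string concatenation into something handed to a shell; resetting the child's environment instead of inheriting the daemon's removes a second, less obvious channel.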
The first security issue rated high affected NordVPN on macOS systems. The privileged VPN helper wrote logs to user-owned file locations. An attacker with user privileges could replace the log file with a symlink and make the helper “write log entries to any root-owned file”.
The third issue, also rated high, affected NordVPN on macOS again. It could be exploited by an attacker to load an arbitrary extension. The remaining security issues received a severity rating of medium or lower.
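To show the symlink problem behind the macOS helper finding (an added example in Python, not the helper's own code), the script below has a "privileged" writer append to a log path inside a directory the user controls, first naively and then with the checks a hardened writer should make. The directory layout, the stand-in "protected" file and the function names are constructed for the example; in the real case the target would be a root-owned file and the writer would run as root.

```python
"""Added example (not NordVPN's code): a privileged helper appending log
lines to a file in a user-owned directory, naive versus hardened."""
import os
import stat
import tempfile


def append_log_naive(log_path, line):
    """Follows symlinks. If the user swapped log_path for a link to a
    root-owned file, the privileged writer appends to that file instead."""
    with open(log_path, "a") as f:
        f.write(line + "\n")


def append_log_hardened(log_path, line, expected_uid=None):
    """Refuse a symlink as the final path component (O_NOFOLLOW), then
    require the opened file to be a regular file with a single link, owned
    by the uid the helper expects (its own effective uid by default). All
    checks run on the opened descriptor, so swapping the path between the
    check and the write cannot help an attacker. Returns True on write."""
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | os.O_NOFOLLOW
    if expected_uid is None:
        expected_uid = os.geteuid()
    try:
        fd = os.open(log_path, flags, 0o600)
    except OSError:
        # ELOOP when the final component is a symlink, or any other failure
        return False
    try:
        st = os.fstat(fd)
        if (not stat.S_ISREG(st.st_mode) or st.st_uid != expected_uid
                or st.st_nlink != 1):
            return False
        os.write(fd, (line + "\n").encode())
        return True
    finally:
        os.close(fd)


def demo(writer):
    """Constructed scenario: a user-controlled directory, a stand-in for a
    protected file, and the log path replaced by a symlink to it. Returns
    whether the protected file received the log line."""
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "protected.txt")
        with open(target, "w") as f:
            f.write("original\n")
        log_path = os.path.join(d, "helper.log")
        os.symlink(target, log_path)
        writer(log_path, "helper started")
        with open(target) as f:
            return "helper started" in f.read()


def demo_legitimate():
    """The hardened writer still works on an ordinary log path."""
    with tempfile.TemporaryDirectory() as d:
        log_path = os.path.join(d, "helper.log")
        ok = append_log_hardened(log_path, "helper started")
        with open(log_path) as f:
            return ok and "helper started" in f.read()


if __name__ == "__main__":
    print("naive writer hit the protected file:", demo(append_log_naive))
    print("hardened writer hit the protected file:", demo(append_log_hardened))
    print("hardened writer on a plain file:", demo_legitimate())
```

O_NOFOLLOW only covers the last path component; if parent directories are user-owned, each of them can be a symlink too, so a production helper should either open the directory chain with `O_DIRECTORY | O_NOFOLLOW` and `openat`, or simply log to a root-owned directory, which removes the problem at the design level.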
Different findings
Cure53 provides extensive commentary on its findings in the reports. The conclusions include additional information on the applications, code and infrastructure analyzed during the audit.
The researchers found several areas in which default configurations were used. The Docker configuration, for example, relied on several default settings that the researchers considered insecure.
NordVPN has addressed these issues in the meantime, which means that they should no longer be considered a potential security issue.
Closing Words
NordVPN is a popular VPN service that is available in most regions. Third-party audits are carried out to identify potential issues and to fix them, but companies also use them to improve transparency and trust.
Internet users may be more inclined to trust an audited service, or one that is audited regularly by third parties, than a service that has never been audited.
Now You: do you use VPNs?
Thanks for reading.