When you connect to the Internet, there is a potential risk that someone might be snooping on your activities, or an attacker is phishing for your important information. Believe it or not. It happens.
That is why people who value their online privacy very much use security tools and software. There are free security tools and software, but if they are free it means the services that they provide are either limited, or they need something (usually your data) from you. Which is not really good. That is why, even though some of these tools and software are expensive, users and companies are willing to pay just to ensure that they have a secured connection.
One of these security methods is a VPN, or virtual private network which aims to protect your web traffic by sending it through another server to protect your location, and encrypting your traffic to protect against data interception.
Sounds great right? It is!
What would happen if you didn’t read our reviews of the best VPNs and chose a VPN with bugs? Coding flaws that can potentially put your online privacy at risk can happen in any piece of software. These are what security researchers have found out with the two most popular VPN providers in the industry.
ProtonVPN and NordVPN system vulnerabilities
ProtonVPN and NordVPN are two popular VPNs, but despite their popularity they are under fire for having vulnerabilities in their VPN products.
It was found out by researchers recently that both ProtonVPN and NordVPN have bugs. These bugs are a good opportunity for attackers to intercept VPN servers and execute attacks.
The vulnerabilities found on ProtonVPN and NordVPN are done through a Windows admin escalation security flaw discovered by VerSprite and was tagged as CVE-2018-10169.
NordVPN and Proton VPN create security patches
To resolve this security problem, both companies have already applied security patches, but it seems that these patches were not enough to solve the entire problem. Since these patches are like a temporary fix, it is still possible for attackers to exploit and execute arbitrary codes via different means, not to mention how it can go after those who have not updated with the patch – if you’re reading this and you use these VPNs it time to update!
It was also found out that the bugs were caused because both software has the same design issues. Both ProtonVPN and NordVPN use execute binaries that have a logged-in user interface. They also both have a VPN configuration option, including OpenVPN. Information is sent to an OpenVPN configuration file, and the investigation done by VerSprite showed that they were able create another OpenVPN configuration file.
This is where the danger happens. Attackers can control the OpenVPN command line and intercept the connection or sending of information. They can send malicious data on the OpenVPN command line so that they can control or tamper with the VPN service. This can also lead to an information leak and potential hacking. That is made possible through the arbitrary commands.
Patches on software vulnerabilities
Since both ProtonVPN and NordVPN have the same design, they both created the same patch on the OpenVPN configuration file.
However, upon the investigation of Cisco Talos researchers, they found out that these patches contained flaws. These flaws can allow attackers to revert the patch or the fix.
Testing was done on the 22.214.171.124 version of NordVPN as well as 1.5.1 version of ProtonVPN. During the testing, security researchers found out that the original fix or patch made in both versions can still be easily hacked or intercepted:
- The first bug that was found out was CVE-2018-3952. It was found on NordVPN. If the bug is found by attackers, it can potentially harm NordVPN’s users.
- On the other hand, the bug found on ProtonVPN is CVE-2018-4010. Though ProtonVPN is really new in the VPN industry, it can still affect its hundreds of users.
- Both CVE-2018-3952 and CVE-2018-4010 can result in arbitrary command execution.
Since NordVPN is an experienced VPN provider and has already catered to millions of users, it was able to create a patch right away. However, ProtonVPN had a bit of a hard time as they were able to provide a patch just recently.
Update your software now
Clients of both VPNs are advised and encouraged to update their software to avoid any interception of information or possible hacking.
Even though vulnerabilities were found on both VPN’s software, there were no reported hacking of information. This is because you need to first hack the user’s computer before intercepting the OpenVPN configuration file. So even though there is a security hole in the VPN system, it was still hard to do some malicious activities.
However, ProtonVPN reminds its clients to update to the latest versions of their software to ensure that their VPN isn’t hackable and remains as highly secured as ever.
Even though patches and fixes were made, both software still continue to monitor the situation, and create ways to make their products more secure to avoid potential hacking. If any of this has put you off these two providers, see our reviews of the Top 10 Providers for a new VPN.