NordVPN were exposed to vulnerabilities that could have allowed hackers to execute arbitrary code with administrator privileges on computers running Windows.
The bugs, CVE-2018-395 were discovered by Cisco Talos security researchers which is similar to another security flaw discovered in March by security consulting firm VerSprite.
NordVPN had released patches to fix the original vulnerability.
It was still possible to execute code as an administrator albeit through a exploit.
The initial vulnerability was due to OpenVPN being able to select a malicious file when choosing a VPN configuration.
They use OpenVPN's open-source software to set up secure connections from one point to another.
The vulnerability had already been fixed.
Source: https://www.pcmag.com/news/protonvpn-nordvpn-patch-windows-bug
TPRM report: https://scoringcyber.rankiteo.com/company/nord-vpn
"id": "nor024301022",
"linkid": "nord-vpn",
"type": "Vulnerability",
"date": "09/2018",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Cybersecurity',
'name': 'NordVPN',
'type': 'Company'}],
'attack_vector': 'Exploiting OpenVPN configuration',
'description': 'NordVPN was exposed to vulnerabilities that could allow '
'hackers to execute arbitrary code with administrator '
'privileges on computers running Windows.',
'impact': {'systems_affected': 'Windows computers'},
'initial_access_broker': {'entry_point': 'OpenVPN configuration'},
'post_incident_analysis': {'corrective_actions': 'Released patches to fix the '
'vulnerability',
'root_causes': 'OpenVPN being able to select a '
'malicious file when choosing a VPN '
'configuration'},
'references': [{'source': 'Cisco Talos'}, {'source': 'VerSprite'}],
'response': {'remediation_measures': ['Released patches to fix the '
'vulnerability']},
'title': 'NordVPN Vulnerability Exploit',
'type': 'Vulnerability Exploit',
'vulnerability_exploited': ['CVE-2018-3952']}