CVE Catalog
CVE-2026-9560
HighSummary
A vulnerability in OpenVPN Connect from version 3.5.1 to 3.8.1 on macOS allows privilege escalation via background services. Attackers can execute arbitrary commands with elevated privileges through a local IPC channel.
Risk Assessment
The risk to the organization involves the potential for unauthorized actions by an attacker, which could lead to data loss or system takeover.
Recommendation
It is recommended to update OpenVPN Connect to the latest version to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel

