PureVPN has had two vulnerabilities which would allow hackers to retrieve stored passwords through the VPN client. This was confirmed by Trustwave’s security researcher Manuel Nader, and the VPN provider itself.
One of the two vulnerabilities has since been fixed, while the other remains active, and PureVPN has, according to Nader, “accepted the risk”.
The vulnerability that was patched saw saved passwords stored in plaintext at this location: 'C:\ProgramData\purevpn\config\login.conf'
Any user on the machine could access and read the file simply by opening it through CMD. This vulnerability has been patched in version 6.1.0, and anyone who uses PureVPN is strongly advised to update to the latest version as soon as possible.
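For administrators who want to confirm whether a host still carries the file described above, the following PowerShell check is an added example, not code from Trustwave or PureVPN. It reports whether the file at the path given in the article exists and whether broad, non-administrative groups are allowed to read it. The function name and the list of groups are assumptions of this example.

```powershell
# Added example: audit read access to the credential file named in the article.
# The path is taken from the article; the SID list and function name are assumptions.
$LoginConf = 'C:\ProgramData\purevpn\config\login.conf'

# Well-known SIDs for broad groups (SIDs are used so the check is locale-independent).
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-4'      = 'INTERACTIVE'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

function Test-CredentialFileExposure {
    param([string]$Path = $LoginConf)

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{ Path = $Path; Present = $false; Exposed = $false; Findings = @() }
    }

    # Explicit and inherited ACEs, with identities returned as SIDs.
    $acl   = Get-Acl -LiteralPath $Path
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    $read  = [int][System.Security.AccessControl.FileSystemRights]::ReadData

    # Flags Allow ACEs only. Deny ACEs are not evaluated, so this is a
    # conservative indicator rather than a full effective-access calculation.
    $findings = @(foreach ($rule in $rules) {
        $sid = $rule.IdentityReference.Value
        if ($rule.AccessControlType -eq 'Allow' -and
            $BroadSids.ContainsKey($sid) -and
            (([int]$rule.FileSystemRights -band $read) -ne 0)) {
            [pscustomobject]@{
                Principal = $BroadSids[$sid]
                Rights    = $rule.FileSystemRights
                Inherited = $rule.IsInherited
            }
        }
    })

    [pscustomobject]@{
        Path     = $Path
        Present  = $true
        Exposed  = ($findings.Count -gt 0)
        Findings = $findings
    }
}

Test-CredentialFileExposure | Format-List
```

A result with `Present` and `Exposed` both true means the file is readable by ordinary local accounts; updating the client and changing the PureVPN password are the follow-up actions.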
PureVPN still vulnerable
The second vulnerability is the one that remains open, and the company has decided to ‘accept the risk’. Here is how Trustwave explains the vulnerability:
“The PureVPN Windows Client provided by PureVPN may allow a local attacker to retrieve the stored password of the last user who successfully logged in to the PureVPN service. Because of this, a local attacker may obtain another user's PureVPN credentials when a Windows machine has multiple users if they have successfully logged in. The attack is done exclusively through the GUI (Graphical User Interface), there's no need to use an external tool.”
So basically, you’d need to open the Windows client, open Configuration, User Profile, and click on ‘Show Password’.
PureVPN is yet to comment on the news.