CVE-2026-2542 - Vulnerability Details

- Total VPN win-service.exe unquoted search path

Description

A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability is an unknown functionality of the file C:\Program Files\Total VPN\win-service.exe. Executing a manipulation can lead to unquoted search path. It is possible to launch the attack on the local host. This attack is characterized by high complexity. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Published: 2026-02-16

Score: 7.3 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A local attacker can exploit the unquoted search path used by the Total VPN win-service.exe executable to load a malicious DLL. The vulnerability, classified as an untrusted search path flaw, allows an attacker to execute code with the same privileges as the service, potentially leading to system compromise. The description indicates that exploitation requires significant effort and is difficult, yet the weakness remains present in a running instance of the service.

Affected Systems

Windows systems running Total VPN version 0.5.29.0 are affected. The vulnerability specifically targets the executable located at C:\Program Files\Total VPN\win-service.exe. No other versions or vendors are listed as impacted.

Risk and Exploitability

The CVSS score of 7.3 signals a high severity, but the EPSS score of less than 1% and the absence from the KEV catalog suggest that the likelihood of active exploitation is low. The attack requires local privileges and a high level of complexity, meaning that while the risk is moderate, the opportunity for automated exploitation is limited. Systems should monitor for suspicious DLL loading and consider local mitigation measures.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

Total VPN

affected

Version	Status	Constraints
`0.5.29.0`	affected	—

No data.

Vendor Product Confidence Versions

Total Vpn

—

Version	Status	Scheme	Platform
`0.5.29.0`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Reconfigure the Windows service to use a fully quoted, absolute path for win-service.exe to eliminate the untrusted search path risk.
Move win-service.exe to a directory without spaces or relocate it to a secure location and update all related service definitions.
Apply file system permissions that restrict write access to the Program Files directory and monitor for unauthorized DLLs being introduced in service directories.

Generated by OpenCVE AI on April 17, 2026 at 19:12 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Local

Attack Complexity High

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity High

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00006.

Exploitation poc

Automatable no

Technical Impact total

References

Link	Providers
https://github.com/Cyber-Wo0dy/report/blob/main/totalvpn/0.5.29.0/totalvpn_unquoted_service_path.md
https://vuldb.com/?ctiid.346127
https://vuldb.com/?id.346127
https://vuldb.com/?submit.749365

History

Tue, 17 Feb 2026 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 17 Feb 2026 09:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Total Vpn Total Vpn total Vpn
Vendors & Products		Total Vpn Total Vpn total Vpn

Mon, 16 Feb 2026 06:45:00 +0000

Type	Values Removed	Values Added
Description		A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability is an unknown functionality of the file C:\Program Files\Total VPN\win-service.exe. Executing a manipulation can lead to unquoted search path. It is possible to launch the attack on the local host. This attack is characterized by high complexity. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Title		Total VPN win-service.exe unquoted search path
Weaknesses		CWE-426 CWE-428
References		https://github.com/Cyber-Wo0dy/report/blob/main/totalvpn/0.5.29.0/totalvpn_unquoted_service_path.md https://vuldb.com/?ctiid.346127 https://vuldb.com/?id.346127 https://vuldb.com/?submit.749365
Metrics		cvssV2_0 `{'score': 6, 'vector': 'AV:L/AC:H/Au:S/C:C/I:C/A:C/E:ND/RL:ND/RC:UR'}` cvssV3_0 `{'score': 7, 'vector': 'CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R'}` cvssV3_1 `{'score': 7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:R'}` cvssV4_0 `{'score': 7.3, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X'}`

Subscriptions

Total Vpn Total Vpn

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-02-16T06:32:06.931Z

Updated: 2026-02-23T10:06:37.939Z

Reserved: 2026-02-15T15:36:07.667Z

Link: CVE-2026-2542

Vulnrichment

Updated: 2026-02-17T16:58:38.048Z

NVD

Status : Deferred

Published: 2026-02-16T07:17:00.803

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-2542

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T19:15:26Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity High

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity High

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Exploitation poc

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object