Hot Take Results of NordVPN security audit are now available

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
Nord Security, the company behind NordVPN and other products, requested an extensive security audit of NordVPN applications, add-ons, web services and APIs in June 2022. The audit was carried out by Cure53, a Germany company specialized in security audits.

Cure53 was tasked to conduct a penetration test and source code audit against "NordVPN servers, infrastructure, and NordVPN desktop applications for Windows, Linux, and macOS". The audit lasted from July 2022 to October 2022 and was compartmentalized into three work packages.

The results of the audit have been published by NordVPN on the official company website. There, interested users find the two Cure53 reports.

The researchers identified a total of 6 vulnerabilities and 17 miscellaneous items with "lower exploitation potential". While the number of identified items appears large, Cure53 notes that the scope of the audit was also large, as it involved applications, extensions, infrastructure, source code and web services that NordVPN operates.

NordVPN fixed all security issues that the researchers identified during the audit. Cure53 approved the patches and confirmed that NordVPN implemented the mitigations correctly.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top