Independent auditors have put the safety infrastructure of all NordvPN applications under the microscope once again, showing the continuous commitment of the supplier to transparency, privacy and safety.
The results of the security audit come, in fact, only a few weeks after the best Techradar VPN provider also demonstrated its claims without registration with a third party check.
The leading audit firm Cure53 carried out a series of tests in all NordvPN desktop applications, mobile applications, browser extensions and some key features. The experts found a total of 31 findings, although none of them was critical, that the Nord team fixed mainly at the time of writing.
Nordvpn Security Audit
Cure53 experts made a combination of penetration reviews and source code between June and August 2024, during a total of fifty -five days.
As mentioned above, Nordvpn applications (Windows, Macos, Linux, iOS and Android VPN) and browser extensions (Chrome, Edge and Firefox) were not the only technology that will be inspected. Auditors also disassemble the protection of Nordvpn threats, the protection of pro and meshnet threats.
Cure53 found a total of 31 findings, with 22 classified as security vulnerabilities (with some classified as high) and nine as general weaknesses with a lower exploitation potential.
“This security evaluation revealed a large number of problems. However, given the wide range included in the Cure53 exam, and the large attack surface that it covered, it was expected a higher number of the problems,” the auditors said in their final report, sharing recommendations to solve these problems.
At the same time, however, the auditors observed “the system used several libraries well considered, including NGHTTP2, OpenSSL and Boost”, which are known for their stability and security.
On his side, NordvPN has hosted the suggestions of Cure53 and has already applied a solution for most problems, which was also verified by Cure53.
“Security is the core of everything we do in Nordvpn. Independent evaluations such as this allow us to continually refine our technology and stay ahead of emerging threats,” said Nordvpn Cto Marijus Briedis, ensuring that the team quickly implemented all the necessary improvements to guarantee the highest level of protection for users.
Despite the findings, explains the supplier, the last evaluation of Cure53 has confirmed that NordvPN applications are based on a solid safety base since there were no critical problems.
Security audits occur when the supplier confirmed their non-log claims for the fifth time since 2018 in February. In that case, Deloitte experts inspected the NORDVPN server configuration and relevant IT systems to ensure that user -related data is never recorded as indicated in their privacy policy.
“Our work to improve security is never over, and we will continue advancing,” Briedis said. “We are proud of these results and we will continue to make NordvPN one of the safest VPN services available to all.”
You can read the full Cure53 report addressing the user’s control panel on the supplier’s website or clicking here.
We tested and review VPN services in the context of legal recreational uses. For example: 1. Access a service from another country (subject to the terms and conditions of that service). 2. Protect your online safety and strengthen your online privacy when you are abroad. We do not support or tolerate the illegal or malicious use of VPN services. The consumption of pirated content that is paid is not backed or approved by Future Publishing.
