PT-2018-16913 · Heimdal Security · Heimdal Corp+2

Publicado

2018-03-22

Atualizado

2019-10-03

CVE-2018-5349

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Heimdal PRO version 2.2.190 Heimdal FREE (affected versions not specified) Heimdal CORP (affected versions not specified)

Description A vulnerability has been found that allows for privilege escalation due to faulty permissions on the directory "C:ProgramDataHeimdal SecurityHeimdal Agent". This directory allows BUILTINUsers to write new files, and on startup, the process Heimdal.MonitorServices.exe running as SYSTEM attempts to load version.dll from this directory. An attacker can exploit this by placing a malicious version.dll in the directory.

Recommendations For Heimdal PRO version 2.2.190: Update the permissions on the "C:ProgramDataHeimdal SecurityHeimdal Agent" directory to prevent BUILTINUsers from writing new files. For Heimdal FREE and Heimdal CORP: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

CVE-2018-5349

Produtos afetados

Heimdal Corp

Heimdal Free

Heimdal Pro

PT-2018-16913 · Heimdal Security · Heimdal Corp+2

CVE-2018-5349

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3