PT-2018-17116 · Heimdal · Heimdal Pro

Published: 2018-03-22 · Updated: 2018-04-20 · CVE-2018-5731

CVSS v3.1: 7.0 (High)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Heimdal PRO version 2.2.190
Description: An issue in Heimdal PRO allows an attacker to exploit a vulnerability related to the scanning feature. The md.hs process writes an executable called CS1.tmp to C:\windows\TEMP and then runs it. An attacker can create the file first, let md.hs overwrite it, and then rewrite the file between the time md.hs closes and executes it, potentially using opportunistic locks and a high priority thread. This issue is triggered when a scan starts.
Recommendations: For Heimdal PRO version 2.2.190, as a temporary workaround, consider restricting access to the C:\windows\TEMP directory to minimize the risk of exploitation. Additionally, avoid starting scans until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
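
The workaround above depends on who is allowed to create or replace files in the temp directory. The following PowerShell audit is an added example, not part of the advisory or any vendor tooling: it lists allow-ACEs on that directory that grant write-type rights to principals outside a trusted set. The trusted set (SYSTEM, Administrators, TrustedInstaller) and the default path are assumptions to adjust to local policy.

```powershell
# Added example: report principals that can create or replace files in the
# temp directory named in the advisory. Trusted SIDs below are an assumption.
param([string]$Path = 'C:\Windows\Temp')

# Well-known SIDs, used instead of names so the check works on localized systems.
$trustedSids = @(
    'S-1-5-18',        # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',    # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Rights that let a principal plant, replace, or re-permission a file.
$riskyMask = [int][System.Security.AccessControl.FileSystemRights]`
    'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# ACEs may also carry raw generic bits: GENERIC_WRITE and GENERIC_ALL.
$riskyMask = $riskyMask -bor 0x40000000 -bor 0x10000000

$acl   = Get-Acl -LiteralPath $Path
$rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

$findings = foreach ($rule in $rules) {
    if ($rule.AccessControlType -ne 'Allow') { continue }
    $sid = $rule.IdentityReference.Value
    if ($trustedSids -contains $sid) { continue }
    if (([int]$rule.FileSystemRights -band $riskyMask) -eq 0) { continue }

    # Resolve the SID to a readable name; fall back to the SID itself.
    try   { $name = $rule.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value }
    catch { $name = $sid }

    [pscustomobject]@{
        Identity  = $name
        Sid       = $sid
        Rights    = $rule.FileSystemRights
        Inherited = $rule.IsInherited
        AppliesTo = "$($rule.InheritanceFlags) / $($rule.PropagationFlags)"
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
    Write-Warning "Principals outside the trusted set can create or replace files in $Path."
} else {
    Write-Output "No write-capable allow-ACEs for untrusted principals on $Path."
}
```

A CREATOR OWNER entry (S-1-3-0) in the output matters only when some untrusted principal can also create files in the directory, since it applies to whoever created the file.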

Exploit

RCE


Weakness Enumeration

Related Identifiers

CVE-2018-5731

Affected Products

Heimdal Pro