PT-2026-51074 · Nuget · Corewcf.Netnamedpipe

Publicado

2026-06-19

Atualizado

2026-06-19

CVE-2026-54777

CVSS v3.1

6.5

Média

Vetor

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

Impact

CoreWCF NetNamedPipe transport accepts attach to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic. NetNamedPipe creates a shared memory object based on the listening url, then generated a unique GUID for the named pipe it will be using and saves this to the shared memory object. Then it creates the named pipe to listen for clients. This requires an attacker to race the service and create the named pipe between the service publishing the GUID to the shared memory location (which the attacker needs to read) and the service creating the named pipe itself.

Patches

Fixed in CoreWCF v1.8.1 and v1.9.1

Workarounds

None

Correção

Time Of Check To Time Of Use

Improper Initialization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-367CWE-665

Identificadores relacionados

CVE-2026-54777

GHSA-6JJ2-4Q5C-X8G6

Produtos afetados

Corewcf.Netnamedpipe

PT-2026-51074 · Nuget · Corewcf.Netnamedpipe

CVE-2026-54777

Impact

Patches

Workarounds

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3