PT-2019-19003 · Thomson Reuters · Thomson Reuters Desktop Extensions

Published

2019-06-05

Updated

2019-06-06

CVE-2019-8385

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Thomson Reuters Desktop Extensions version 1.9.0.358

Description An issue allows an unauthenticated remote attacker to perform directory traversal and local file inclusion via a .. to port 6677, potentially listing or enumerating sensitive file contents. This could also lead to privilege escalation by accessing the machine's SAM and SYSTEM database files, as well as remote code execution.

Recommendations For Thomson Reuters Desktop Extensions version 1.9.0.358, consider restricting access to port 6677 as a temporary workaround until a patch is available. Avoid using the ThomsonReuters.Desktop.Service.exe and ThomsonReuters.Desktop.exe services in sensitive environments until the issue is resolved.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2019-8385

Affected Products

Thomson Reuters Desktop Extensions

PT-2019-19003 · Thomson Reuters · Thomson Reuters Desktop Extensions

CVE-2019-8385

Weakness Enumeration

Related Identifiers

Affected Products

References · 5