Common Weakness Enumeration

CWE-426

Allowed-with-Review

Untrusted Search Path

Abstraction: Base · Status: Stable

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

892 vulnerabilities reference this CWE, most recent first.

CVE-2020-8338 (GCVE-0-2020-8338)

Vulnerability from cvelistv5 – Published: 2020-10-14 21:25 – Updated: 2024-08-04 09:56
VLAI
Summary
A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.
CWE
Assigner
References
Impacted products
Vendor Product Version
Lenovo Diagnostics Affected: unspecified , < 4.35.4 (custom)
Create a notification for this product.
Credits
Lenovo thanks Xavier DANEST - Decathlon for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:28.465Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-32702"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Diagnostics",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "4.35.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Lenovo thanks Xavier DANEST - Decathlon for reporting this issue."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-14T21:25:20.000Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-32702"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to Lenovo Diagnostics version 4.35.4 (or newer)."
        }
      ],
      "source": {
        "advisory": "LEN-32702",
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "ID": "CVE-2020-8338",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Diagnostics",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.35.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Lenovo thanks Xavier DANEST - Decathlon for reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426 Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-32702",
              "refsource": "MISC",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-32702"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Upgrade to Lenovo Diagnostics version 4.35.4 (or newer)."
          }
        ],
        "source": {
          "advisory": "LEN-32702",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2020-8338",
    "datePublished": "2020-10-14T21:25:20.000Z",
    "dateReserved": "2020-01-28T00:00:00.000Z",
    "dateUpdated": "2024-08-04T09:56:28.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8317 (GCVE-0-2020-8317)

Vulnerability from cvelistv5 – Published: 2020-07-24 16:10 – Updated: 2024-09-17 00:10
VLAI
Summary
A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
CWE
Assigner
References
Impacted products
Vendor Product Version
Lenovo Drivers Management Affected: unspecified , < 2.7.1128.1046 (custom)
Create a notification for this product.
Date Public
2020-07-24 00:00
Credits
Lenovo thanks Can Huang and Xinhui Han at Wangxuan Institute of Computer Technology, Peking University for reporting this issue.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:56:28.388Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Drivers Management",
          "vendor": "Lenovo",
          "versions": [
            {
              "lessThan": "2.7.1128.1046",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Lenovo thanks Can Huang and Xinhui Han at Wangxuan Institute of Computer Technology, Peking University for reporting this issue."
        }
      ],
      "datePublic": "2020-07-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-24T16:10:25.000Z",
        "orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
        "shortName": "lenovo"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
        }
      ],
      "source": {
        "advisory": "LEN-38381",
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@lenovo.com",
          "DATE_PUBLIC": "2020-07-24T16:00:00.000Z",
          "ID": "CVE-2020-8317",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Drivers Management",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "2.7.1128.1046"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Lenovo"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Lenovo thanks Can Huang and Xinhui Han at Wangxuan Institute of Computer Technology, Peking University for reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426 Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://iknow.lenovo.com.cn/detail/dc_190088.html",
              "refsource": "MISC",
              "url": "https://iknow.lenovo.com.cn/detail/dc_190088.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update to Lenovo Drivers Management version 2.7.1128.1046 (or newer)."
          }
        ],
        "source": {
          "advisory": "LEN-38381",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
    "assignerShortName": "lenovo",
    "cveId": "CVE-2020-8317",
    "datePublished": "2020-07-24T16:10:25.529Z",
    "dateReserved": "2020-01-28T00:00:00.000Z",
    "dateUpdated": "2024-09-17T00:10:49.213Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8096 (GCVE-0-2020-8096)

Vulnerability from cvelistv5 – Published: 2020-04-07 08:00 – Updated: 2024-09-16 16:42
VLAI
Title
Untrusted Search Path Vulnerability in High-Level Antimalware SDK
Summary
Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdefender High-Level Antimalware SDK for Windows versions prior to 3.0.1.204 .
CWE
Assigner
References
Impacted products
Vendor Product Version
Bitdefender High-Level Antimalware SDK for Windows Affected: unspecified , < 3.0.1.204 (custom)
Create a notification for this product.
Date Public
2020-02-17 00:00
Credits
Ander Martinez Sola
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:25.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-high-level-antimalware-sdk-windows/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "High-Level Antimalware SDK for Windows",
          "vendor": "Bitdefender",
          "versions": [
            {
              "lessThan": "3.0.1.204",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Ander Martinez Sola"
        }
      ],
      "datePublic": "2020-02-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdefender High-Level Antimalware SDK for Windows versions prior to 3.0.1.204 ."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-07T08:00:22.000Z",
        "orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
        "shortName": "Bitdefender"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-high-level-antimalware-sdk-windows/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "An updated version of the High-Level Antimalware SDK for Windows (version 3.0.1.204, delivered ion August 30, 219) fixes the issue."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Untrusted Search Path Vulnerability in High-Level Antimalware SDK",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve-requests@bitdefender.com",
          "DATE_PUBLIC": "2020-02-17T10:00:00.000Z",
          "ID": "CVE-2020-8096",
          "STATE": "PUBLIC",
          "TITLE": "Untrusted Search Path Vulnerability in High-Level Antimalware SDK"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "High-Level Antimalware SDK for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "3.0.1.204"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Bitdefender"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Ander Martinez Sola"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdefender High-Level Antimalware SDK for Windows versions prior to 3.0.1.204 ."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426 Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-high-level-antimalware-sdk-windows/",
              "refsource": "MISC",
              "url": "https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-high-level-antimalware-sdk-windows/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "An updated version of the High-Level Antimalware SDK for Windows (version 3.0.1.204, delivered ion August 30, 219) fixes the issue."
          }
        ],
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
    "assignerShortName": "Bitdefender",
    "cveId": "CVE-2020-8096",
    "datePublished": "2020-04-07T08:00:22.306Z",
    "dateReserved": "2020-01-28T00:00:00.000Z",
    "dateUpdated": "2024-09-16T16:42:32.895Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-8094 (GCVE-0-2020-8094)

Vulnerability from cvelistv5 – Published: 2025-01-15 16:12 – Updated: 2025-01-15 16:48
VLAI
Title
Untrusted Search Path Vulnerability in Bitdefender Antivirus Free 2020 (VA-8422)
Summary
An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Bitdefender Antivirus Free 2020 Affected: 0 , < 1.0.16.152 (custom)
Create a notification for this product.
Date Public
2020-02-07 10:00
Credits
Gábor Selján
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-8094",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-15T16:47:23.387210Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-15T16:48:23.541Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Antivirus Free 2020",
          "vendor": "Bitdefender",
          "versions": [
            {
              "lessThan": "1.0.16.152",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "G\u00e1bor Selj\u00e1n"
        }
      ],
      "datePublic": "2020-02-07T10:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eAn untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-641",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-641 DLL Side-Loading"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-15T16:12:35.432Z",
        "orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
        "shortName": "Bitdefender"
      },
      "references": [
        {
          "url": "https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-bitdefender-antivirus-free-2020-va-8422/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003eThe vulnerability was fixed in Bitdefender Antivirus Free version 1.0.16.152. The fix has been automatically applied to affected instances.\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "The vulnerability was fixed in Bitdefender Antivirus Free version 1.0.16.152. The fix has been automatically applied to affected instances."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Untrusted Search Path Vulnerability in Bitdefender Antivirus Free 2020 (VA-8422)",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
    "assignerShortName": "Bitdefender",
    "cveId": "CVE-2020-8094",
    "datePublished": "2025-01-15T16:12:35.432Z",
    "dateReserved": "2020-01-28T00:00:00.000Z",
    "dateUpdated": "2025-01-15T16:48:23.541Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7490 (GCVE-0-2020-7490)

Vulnerability from cvelistv5 – Published: 2020-04-22 18:48 – Updated: 2024-08-04 09:33
VLAI
Summary
A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior), which could cause arbitrary code execution on the system running Vijeo Basic when a malicious DLL library is loaded by the Product.
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
n/a Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior) Affected: Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-105-03"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior), which could cause arbitrary code execution on the system running Vijeo Basic when a malicious DLL library is loaded by the Product."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426: Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-22T18:48:47.000Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-105-03"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7490",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-426: Untrusted Search Path vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 15 and prior) and Vijeo Designer (V6.9 SP9 and prior), which could cause arbitrary code execution on the system running Vijeo Basic when a malicious DLL library is loaded by the Product."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426: Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-105-03",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-105-03"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7490",
    "datePublished": "2020-04-22T18:48:47.000Z",
    "dateReserved": "2020-01-21T00:00:00.000Z",
    "dateUpdated": "2024-08-04T09:33:19.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7476 (GCVE-0-2020-7476)

Vulnerability from cvelistv5 – Published: 2020-03-23 19:01 – Updated: 2024-08-04 09:33
VLAI
Summary
A CWE-426: Untrusted Search Path vulnerability exists in ZigBee Installation Kit (Versions prior to 1.0.1), which could cause execution of malicious code when a malicious file is put in the search path.
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
n/a ZigBee Installation Toolkit (Versions prior to 1.0.1) Affected: ZigBee Installation Toolkit (Versions prior to 1.0.1)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:18.739Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-070-03"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ZigBee Installation Toolkit (Versions prior to 1.0.1)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "ZigBee Installation Toolkit (Versions prior to 1.0.1)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-426: Untrusted Search Path vulnerability exists in ZigBee Installation Kit (Versions prior to 1.0.1), which could cause execution of malicious code when a malicious file is put in the search path."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426: Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-23T19:01:22.000Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-070-03"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7476",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ZigBee Installation Toolkit (Versions prior to 1.0.1)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "ZigBee Installation Toolkit (Versions prior to 1.0.1)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-426: Untrusted Search Path vulnerability exists in ZigBee Installation Kit (Versions prior to 1.0.1), which could cause execution of malicious code when a malicious file is put in the search path."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426: Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-070-03",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-070-03"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7476",
    "datePublished": "2020-03-23T19:01:22.000Z",
    "dateReserved": "2020-01-21T00:00:00.000Z",
    "dateUpdated": "2024-08-04T09:33:18.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7315 (GCVE-0-2020-7315)

Vulnerability from cvelistv5 – Published: 2020-09-10 09:55 – Updated: 2024-09-16 20:51
VLAI
Title
DLL Injection vulnerability in MA for Windows
Summary
DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.
CWE
Assigner
References
Impacted products
Vendor Product Version
McAfee LLC MA for Windows Affected: 5.6.x , < 5.6.6 (custom)
Create a notification for this product.
Date Public
2020-09-09 00:00
Credits
McAfee credits Clément Notin for responsibly reporting this flaw.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:25:48.966Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10325"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MA for Windows",
          "vendor": "McAfee LLC",
          "versions": [
            {
              "lessThan": "5.6.6",
              "status": "affected",
              "version": "5.6.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "McAfee credits Cl\u00e9ment Notin for responsibly reporting this flaw."
        }
      ],
      "datePublic": "2020-09-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426: Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-10T09:55:14.000Z",
        "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "shortName": "trellix"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10325"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "DLL Injection vulnerability in MA for Windows",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@mcafee.com",
          "DATE_PUBLIC": "2020-09-09T00:00:00.000Z",
          "ID": "CVE-2020-7315",
          "STATE": "PUBLIC",
          "TITLE": "DLL Injection vulnerability in MA for Windows"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MA for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "5.6.x",
                            "version_value": "5.6.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "McAfee LLC"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "McAfee credits Cl\u00e9ment Notin for responsibly reporting this flaw."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426: Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10325",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10325"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
    "assignerShortName": "trellix",
    "cveId": "CVE-2020-7315",
    "datePublished": "2020-09-10T09:55:14.173Z",
    "dateReserved": "2020-01-21T00:00:00.000Z",
    "dateUpdated": "2024-09-16T20:51:55.703Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-7279 (GCVE-0-2020-7279)

Vulnerability from cvelistv5 – Published: 2020-06-10 11:17 – Updated: 2024-09-16 20:36
VLAI
Title
DLL search order hijacking in Host IPS
Summary
DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder.
CWE
Assigner
References
Impacted products
Vendor Product Version
McAfee, LLC McAfee Host Intrusion Prevention System (Host IPS) for Windows Affected: 8.0.x , < 8.0.0 Patch 15 update (custom)
Create a notification for this product.
Date Public
2020-06-09 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:25:48.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10320"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "McAfee Host Intrusion Prevention System (Host IPS) for Windows",
          "vendor": "McAfee, LLC",
          "versions": [
            {
              "lessThan": "8.0.0 Patch 15 update",
              "status": "affected",
              "version": "8.0.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-06-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426: Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-19T16:23:49.000Z",
        "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "shortName": "trellix"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10320"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "DLL search order hijacking in Host IPS",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@mcafee.com",
          "DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
          "ID": "CVE-2020-7279",
          "STATE": "PUBLIC",
          "TITLE": "DLL search order hijacking in Host IPS"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "McAfee Host Intrusion Prevention System (Host IPS) for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.0.x",
                            "version_value": "8.0.0 Patch 15 update"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "McAfee, LLC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DLL Search Order Hijacking Vulnerability in the installer component of McAfee Host Intrusion Prevention System (Host IPS) for Windows prior to 8.0.0 Patch 15 Update allows attackers with local access to execute arbitrary code via execution from a compromised folder."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426: Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10320",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10320"
            }
          ]
        },
        "source": {
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
    "assignerShortName": "trellix",
    "cveId": "CVE-2020-7279",
    "datePublished": "2020-06-10T11:17:50.265Z",
    "dateReserved": "2020-01-21T00:00:00.000Z",
    "dateUpdated": "2024-09-16T20:36:32.721Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-6654 (GCVE-0-2020-6654)

Vulnerability from cvelistv5 – Published: 2020-09-30 20:36 – Updated: 2024-09-16 19:10
VLAI
Title
DLL Hijacking
Summary
A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.
CWE
  • CWE-427 - Uncontrolled Search Path Element
  • CWE-426 - Untrusted Search Path
Assigner
References
Impacted products
Vendor Product Version
Eaton 9000x Programming and Configuration Software Affected: unspecified , ≤ 2.0.38 (custom)
Create a notification for this product.
Date Public
2020-09-07 00:00
Credits
Eaton would like to thank Yongjun liu from Nsfocus security team
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:11:04.905Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/9000x-software-eaton-vulnerability-advisory.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "9000x Programming and Configuration Software",
          "vendor": "Eaton",
          "versions": [
            {
              "lessThanOrEqual": "2.0.38",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Eaton would like to thank Yongjun liu from Nsfocus security team"
        }
      ],
      "datePublic": "2020-09-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A DLL Hijacking vulnerability in Eaton\u0027s 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427 Uncontrolled Search Path Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-30T20:36:20.000Z",
        "orgId": "63703b7d-23e2-41ef-94b3-a3c6333f7759",
        "shortName": "Eaton"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/9000x-software-eaton-vulnerability-advisory.pdf"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update the software to latest version available."
        }
      ],
      "source": {
        "advisory": "ETN-VA-2020-1007",
        "defect": [
          "ETN-VA-2020-1007"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "DLL Hijacking",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "CybersecurityCOE@eaton.com",
          "DATE_PUBLIC": "2020-09-07T07:21:00.000Z",
          "ID": "CVE-2020-6654",
          "STATE": "PUBLIC",
          "TITLE": "DLL Hijacking"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "9000x Programming and Configuration Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "2.0.38"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Eaton"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Eaton would like to thank Yongjun liu from Nsfocus security team"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A DLL Hijacking vulnerability in Eaton\u0027s 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-427 Uncontrolled Search Path Element"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426 Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/9000x-software-eaton-vulnerability-advisory.pdf",
              "refsource": "CONFIRM",
              "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/9000x-software-eaton-vulnerability-advisory.pdf"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update the software to latest version available."
          }
        ],
        "source": {
          "advisory": "ETN-VA-2020-1007",
          "defect": [
            "ETN-VA-2020-1007"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "63703b7d-23e2-41ef-94b3-a3c6333f7759",
    "assignerShortName": "Eaton",
    "cveId": "CVE-2020-6654",
    "datePublished": "2020-09-30T20:36:20.513Z",
    "dateReserved": "2020-01-09T00:00:00.000Z",
    "dateUpdated": "2024-09-16T19:10:14.741Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-6023 (GCVE-0-2020-6023)

Vulnerability from cvelistv5 – Published: 2020-10-27 13:52 – Updated: 2024-08-04 08:47
VLAI
Summary
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
n/a Check Point ZoneAlarm Affected: before 15.8.139.18543
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T08:47:40.917Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zonealarm.com/software/extreme-security/release-history"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Check Point ZoneAlarm",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before 15.8.139.18543"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426: Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-27T13:52:57.000Z",
        "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "shortName": "checkpoint"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zonealarm.com/software/extreme-security/release-history"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@checkpoint.com",
          "ID": "CVE-2020-6023",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Check Point ZoneAlarm",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "before 15.8.139.18543"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-426: Untrusted Search Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.zonealarm.com/software/extreme-security/release-history",
              "refsource": "MISC",
              "url": "https://www.zonealarm.com/software/extreme-security/release-history"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
    "assignerShortName": "checkpoint",
    "cveId": "CVE-2020-6023",
    "datePublished": "2020-10-27T13:52:57.000Z",
    "dateReserved": "2020-01-07T00:00:00.000Z",
    "dateUpdated": "2024-08-04T08:47:40.917Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation
Architecture and Design Implementation

Strategy: Attack Surface Reduction

Hard-code the search path to a set of known-safe values (such as system directories), or only allow them to be specified by the administrator in a configuration file. Do not allow these settings to be modified by an external party. Be careful to avoid related weaknesses such as CWE-426 and CWE-428.

Mitigation
Implementation

When invoking other programs, specify those programs using fully-qualified pathnames. While this is an effective approach, code that uses fully-qualified pathnames might not be portable to other systems that do not use the same pathnames. The portability can be improved by locating the full-qualified paths in a centralized, easily-modifiable location within the source code, and having the code refer to these paths.

Mitigation
Implementation

Remove or restrict all environment settings before invoking other programs. This includes the PATH environment variable, LD_LIBRARY_PATH, and other settings that identify the location of code libraries, and any application-specific search paths.

Mitigation
Implementation

Check your search path before use and remove any elements that are likely to be unsafe, such as the current working directory or a temporary files directory.

Mitigation
Implementation

Use other functions that require explicit paths. Making use of any of the other readily available functions that require explicit paths is a safe way to avoid this problem. For example, system() in C does not require a full path since the shell can take care of it, while execl() and execv() require a full path.

CAPEC-38: Leveraging/Manipulating Configuration File Search Paths

This pattern of attack sees an adversary load a malicious resource into a program's standard path so that when a known command is executed then the system instead executes the malicious component. The adversary can either modify the search path a program uses, like a PATH variable or classpath, or they can manipulate resources on the path to point to their malicious components. J2EE applications and other component based applications that are built from multiple binaries can have very long list of dependencies to execute. If one of these libraries and/or references is controllable by the attacker then application controls can be circumvented by the attacker.