Vulnerability-Lookup

GHSA-P7M3-JG2H-93V3

Vulnerability from github – Published: 2022-05-24 17:25 – Updated: 2022-05-24 17:25

Details

An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-7360"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-08-13T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)",
  "id": "GHSA-p7m3-jg2h-93v3",
  "modified": "2022-05-24T17:25:38Z",
  "published": "2022-05-24T17:25:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7360"
    },
    {
      "type": "WEB",
      "url": "https://blog.vonahi.io/when-the-path-to-system-is-wide-open"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2020-7360 (GCVE-0-2020-7360)

Vulnerability from cvelistv5 – Published: 2020-08-13 19:05 – Updated: 2024-09-17 01:21

Title

Philips SmartControl DLL Hijacking

Summary

Severity

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L

CWE

CWE-427 - Uncontrolled Search Path Element

Assigner

rapid7

References

1 reference

URL	Tags
https://blog.vonahi.io/when-the-path-to-system-is…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
Philips	SmartControl	Affected: 4.3.15 Unaffected: 1.0.7

Date Public

2020-08-06 00:00

Credits

This issue was discovered and reported by Erik Wynter of Vonahi Security.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:25:48.983Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.vonahi.io/when-the-path-to-system-is-wide-open/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SmartControl",
          "vendor": "Philips",
          "versions": [
            {
              "status": "affected",
              "version": "4.3.15"
            },
            {
              "status": "unaffected",
              "version": "1.0.7"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered and reported by Erik Wynter of Vonahi Security."
        }
      ],
      "datePublic": "2020-08-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427 Uncontrolled Search Path Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-13T19:05:15.000Z",
        "orgId": "9974b330-7714-4307-a722-5648477acda7",
        "shortName": "rapid7"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.vonahi.io/when-the-path-to-system-is-wide-open/"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Philips SmartControl DLL Hijacking",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@rapid7.com",
          "DATE_PUBLIC": "2020-08-06T13:27:00.000Z",
          "ID": "CVE-2020-7360",
          "STATE": "PUBLIC",
          "TITLE": "Philips SmartControl DLL Hijacking"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SmartControl",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "4.3.15",
                            "version_value": "4.3.15"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "1.0.7",
                            "version_value": "1.0.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Philips"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered and reported by Erik Wynter of Vonahi Security."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-427 Uncontrolled Search Path Element"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://blog.vonahi.io/when-the-path-to-system-is-wide-open/",
              "refsource": "MISC",
              "url": "https://blog.vonahi.io/when-the-path-to-system-is-wide-open/"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7",
    "assignerShortName": "rapid7",
    "cveId": "CVE-2020-7360",
    "datePublished": "2020-08-13T19:05:15.783Z",
    "dateReserved": "2020-01-21T00:00:00.000Z",
    "dateUpdated": "2024-09-17T01:21:03.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-P7M3-JG2H-93V3

CVE-2020-7360 (GCVE-0-2020-7360)

Tags

Sightings

Nomenclature