github - ghsa-w973-74m8-8xw5

GHSA-W973-74M8-8XW5

Vulnerability from github – Published: 2022-01-12 00:01 – Updated: 2022-01-22 00:02

Details

Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-0129"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-427"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-11T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from.",
  "id": "GHSA-w973-74m8-8xw5",
  "modified": "2022-01-22T00:02:25Z",
  "published": "2022-01-12T00:01:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0129"
    },
    {
      "type": "WEB",
      "url": "https://service.mcafee.com/?articleId=TS103243"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2022-0129 (GCVE-0-2022-0129)

Vulnerability from cvelistv5 – Published: 2022-01-11 17:10 – Updated: 2024-08-02 23:18

Title

DLL Highjack vulnerability in McAfee TechCheck utility

Summary

Severity ?

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H

CWE

CWE-427 - Uncontrolled Search Path Element

Assigner

trellix

References

URL

Tags

https://service.mcafee.com/?articleId=TS103243

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	McAfee,LLC	McAfee TechCheck	Affected: unspecified , < 4.0.0.2 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.751Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://service.mcafee.com/?articleId=TS103243"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "McAfee TechCheck",
          "vendor": "McAfee,LLC",
          "versions": [
            {
              "lessThan": "4.0.0.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427: Uncontrolled Search Path Element\t",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-11T17:10:10",
        "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "shortName": "trellix"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://service.mcafee.com/?articleId=TS103243"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "DLL Highjack vulnerability in McAfee TechCheck utility",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@mcafee.com",
          "ID": "CVE-2022-0129",
          "STATE": "PUBLIC",
          "TITLE": "DLL Highjack vulnerability in McAfee TechCheck utility"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "McAfee TechCheck",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.0.0.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "McAfee,LLC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-427: Uncontrolled Search Path Element\t"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://service.mcafee.com/?articleId=TS103243",
              "refsource": "CONFIRM",
              "url": "https://service.mcafee.com/?articleId=TS103243"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
    "assignerShortName": "trellix",
    "cveId": "CVE-2022-0129",
    "datePublished": "2022-01-11T17:10:10",
    "dateReserved": "2022-01-05T00:00:00",
    "dateUpdated": "2024-08-02T23:18:41.751Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-W973-74M8-8XW5

CVE-2022-0129 (GCVE-0-2022-0129)

Tags

Sightings

Nomenclature