Search...

CVE-2020-8895

2020-04-21T18:15:00

ID CVE-2020-8895
Type cve
Reporter cve@mitre.org
Modified 2020-05-04T21:15:00

Description

Untrusted Search Path vulnerability in the windows installer of Google Earth Pro versions prior to 7.3.3 allows an attacker to insert malicious local files to execute unauthenticated remote code on the targeted system.

JSON Vulners Source

Initial Source

{"id": "CVE-2020-8895", "bulletinFamily": "NVD", "title": "CVE-2020-8895", "description": "Untrusted Search Path vulnerability in the windows installer of Google Earth Pro versions prior to 7.3.3 allows an attacker to insert malicious local files to execute unauthenticated remote code on the targeted system.", "published": "2020-04-21T18:15:00", "modified": "2020-05-04T21:15:00", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8895", "reporter": "cve@mitre.org", "references": ["https://support.google.com/earth/answer/40901?hl=en"], "cvelist": ["CVE-2020-8895"], "type": "cve", "lastseen": "2020-12-09T22:03:19", "edition": 7, "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["GOOGLE_EARTH_CVE-2020-8895.NASL"]}], "modified": "2020-12-09T22:03:19", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2020-12-09T22:03:19", "rev": 2}, "vulnersScore": 6.3}, "cpe": [], "affectedSoftware": [{"cpeName": "google:earth", "name": "google earth", "operator": "lt", "version": "7.3.3"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "cpe23": [], "cwe": ["CWE-427"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:google:earth:7.3.3:*:*:*:pro:*:*:*", "versionEndExcluding": "7.3.3", "vulnerable": true}], "operator": "OR"}]}}

{"nessus": [{"lastseen": "2020-09-14T15:38:36", "description": "The version of Google Earth Pro installed on the remote host is prior to 7.3.3. It is, therefore, affected by\nthe following vulnerabilities :\n\n - A DLL hijacking vulnerability exists in the Windows installer due to the use of an untrusted search path.\n An unauthenticated, local attacker can exploit this, via inserting a malicious file, to bypass\n authentication and execute arbitrary code. (CVE-2020-8895)\n\n - A buffer overflow condition exists in khcrypt implementation. An unauthenticated, adjacent attacker can\n exploit this, via a specially crafted key, to execute a MitM attack. (CVE-2020-8896)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 3, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-05-01T00:00:00", "title": "Google Earth Pro < 7.3.3 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8895", "CVE-2020-8896"], "modified": "2020-05-01T00:00:00", "cpe": ["cpe:/a:google:earth"], "id": "GOOGLE_EARTH_CVE-2020-8895.NASL", "href": "https://www.tenable.com/plugins/nessus/136192", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136192);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/04\");\n\n script_cve_id(\"CVE-2020-8895\", \"CVE-2020-8896\");\n script_xref(name:\"IAVA\", value:\"2020-A-0179\");\n\n script_name(english:\"Google Earth Pro < 7.3.3 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The Google Earth Pro installed on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Google Earth Pro installed on the remote host is prior to 7.3.3. It is, therefore, affected by\nthe following vulnerabilities :\n\n - A DLL hijacking vulnerability exists in the Windows installer due to the use of an untrusted search path.\n An unauthenticated, local attacker can exploit this, via inserting a malicious file, to bypass\n authentication and execute arbitrary code. (CVE-2020-8895)\n\n - A buffer overflow condition exists in khcrypt implementation. An unauthenticated, adjacent attacker can\n exploit this, via a specially crafted key, to execute a MitM attack. (CVE-2020-8896)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.google.com/earth/answer/40901\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Google Earth Pro version 7.3.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:google:earth\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"google_earth_detect_win.nbin\");\n script_require_keys(\"installed_sw/Google Earth Pro\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Google Earth Pro');\n\nconstraints = [\n { 'fixed_version' : '7.3.3' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}]}