Vulners
Lucene search
Wondershare Dr Fone 12.9.6 Weak Permissions / Privilege Escalation
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | Wondershare Dr.Fone 12.9.6 Weak Permissions / Privilege Escalation Vulnerability | 12 Mar 202300:00 | – | zdt |
| Wondershare Dr Fone 12.9.6 - Privilege Escalation Vulnerability | 7 Apr 202300:00 | – | zdt |
 | CVE-2023-27010 | 13 Mar 202321:53 | – | circl |
 | Wondershare Dr.Fone 安全漏洞 | 13 Mar 202300:00 | – | cnnvd |
 | CVE-2023-27010 | 13 Mar 202300:00 | – | cve |
 | CVE-2023-27010 | 13 Mar 202300:00 | – | cvelist |
 | Wondershare Dr Fone 12.9.6 - Privilege Escalation | 7 Apr 202300:00 | – | exploitdb |
 | EUVD-2023-30800 | 3 Oct 202520:07 | – | euvd |
 | CVE-2023-27010 | 13 Mar 202319:15 | – | nvd |
 | Code injection | 13 Mar 202319:15 | – | prion |
10
`Executive Summary:
Product Name: Wondershare Dr. Fone
Vendor Home Page: https://drfone.wondershare.com
Affected Version(s): Dr Fone version 12.9.6
Vulnerability Type: Execution with Unnecessary Privileges (CWE-250)
CVE Reference: CVE-2023-27010.
Credit: Thurein Soe
Vendor Description:
Wondershare Dr. Fone is an app designed to help with data recovery and
management for all Android and iOS devices.
Vulnerability description:
Wondershare Dr Fone version 12.9.6 running services named "WsDrvInst" on
Windows have weak service permissions and are susceptible to local
privilege escalation vulnerability. Weak service permissions run with
system user permission, allowing a standard user/domain user to elevate to
administrator privilege upon successfully modifying the service or
replacing the affected executable. DriverInstall.exe gave modification
permission to any authenticated users in the windows operating system,
allowing standard users to modify the service and leading to Privilege
Escalation.
C:\Users\NyaMeeEain\Desktop>cacls "C:\Program Files
(x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe"
C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe
Everyone:(ID)F
NT AUTHORITY\SYSTEM:(ID)F
BUILTIN\Administrators:(ID)F
BUILTIN\Users:(ID)R
APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(ID)R
APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(ID)R
C:\Users\NyaMeeEain\Desktop>sc qc WsDrvInst
SERVICE_NAME: WsDrvInst
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 3 DEMAND_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : "C:\Program Files
(x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe"
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Wondershare Driver Install Service
DEPENDENCIES : RPCSS
SERVICE_START_NAME : LocalSystem
References:
https://cwe.mitre.org/data/definitions/250.html
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
09 Mar 2023 00:00Current
0.2Low risk
Vulners AI Score0.2
EPSS0.00625