Lucene search
+L

Filmora 12 Build 1.0.0.7 Unquoted Service Path

🗓️ 19 May 2023 00:00:00Reported by Thurein SoeType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 474 Views

Filmora 12 Build 1.0.0.7 Unquoted Service Path Vulnerabilit

Related
Code
`Vendor Name: Filmora  
Product Name: Filmora 12 version ( Build 1.0.0.7 )  
Vendor Home Page: https://filmora.wondershare.com/  
Affected Version(s): Filmora 12 version (Build 12.2.1.2088)  
Vulnerability Type: Unquoted Service Path Vulnerability (CWE-428)  
CVE Reference: CVE-2023-31747  
Security Researcher: Thurein Soe  
  
  
  
Vulnerability description:  
Filmora is professional video editing software. Wondershare NativePush  
Build 1.0.0.7 was part of Filmora 12 (Build 12.2.1.2088) Wondershare  
NativePush Build 1.0.0.7 was installed while Filmora 12 was installed. The  
service name "NativePushService" was vulnerable to unquoted service paths  
vulnerability which led to full local privilege escalation in the affected  
system as the service "NativePushService" was running as a system  
privilege. Effectively, the local user is able to elevate to local admin.  
  
C:\>sc qc NativePushService  
[SC] QueryServiceConfig SUCCESS  
  
SERVICE_NAME: NativePushService  
TYPE : 10 WIN32_OWN_PROCESS  
START_TYPE : 2 AUTO_START  
ERROR_CONTROL : 1 NORMAL  
BINARY_PATH_NAME :  
C:\Users\HninKayThayar\AppData\Local\Wondershare\Wondershare  
NativePush\WsNativePushService.exe  
LOAD_ORDER_GROUP :  
TAG : 0  
DISPLAY_NAME : Wondershare Native Push Service  
DEPENDENCIES :  
SERVICE_START_NAME : LocalSystem  
  
C:\>cacls "C:\Users\HninKayThayar\AppData\Local\Wondershare\Wondershare  
NativePush\WsNativePushService.exe"  
  
C:\Users\HninKayThayar\AppData\Local\Wondershare\Wondershare  
NativePush\WsNativePushService.exe  
  
BUILTIN\Users:(ID)F  
  
NT AUTHORITY\SYSTEM:(ID)F  
  
BUILTIN\Administrators:(ID)F  
  
HNINKAYTHAYAR\HninKayThayar:(ID)F  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation