Lucene search

Veracode Vulnerability DatabaseVERACODE:45418

HistoryFeb 09, 2024 - 7:04 a.m.

DLL Redirection Attacks

2024-02-0907:04:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

wix

vulnerability

dll redirection

privilege escalation

malicious dll

directory structure

security checks

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

21.7%

JSON

wix is vulnerable to DLL Redirection Attacks. The vulnerability is due to insufficient security checks in handling the TEMP folder, allowing attackers to escalate privileges by dropping a malicious DLL into a specific directory structure monitored by the burn engine, which when elevated, loads the malicious DLL. This flow allow the attacker to escalate privileges.

CPENameOperatorVersion
wixle4.0.3
wixle3.11.2
wixle4.0.3
wixle3.11.2

Name	Operator	Version
wix	le	4.0.3
wix	le	3.11.2
wix	le	4.0.3
wix	le	3.11.2

References

github.com/wixtoolset/issues/security/advisories/GHSA-7wh2-wxc7-9ph5

github.com/wixtoolset/wix/commit/fec38b6461d0551339139a2fe52403a61942adc0

8.2 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

21.7%

JSON

Related for VERACODE:45418