CVE-2018-10959 - Vulnerability Details - OpenCVE

Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Beyondtrust	Avecto Defendpoint

Configuration 1 [-]

OR	cpe:2.3:a:beyondtrust:avecto_defendpoint::::::::
	cpe:2.3:a:beyondtrust:avecto_defendpoint::::::::

No data.

References

Link	Providers
https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_4.4.267.0_SR6.pdf
https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_5.1.149.0_SR1.pdf
https://hackandpwn.com/cve-2018-10959/
https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-4-4-sr6.pdf
https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-5-1.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-04-17T14:34:19

Updated: 2024-08-05T07:54:36.007Z

Reserved: 2018-05-09T00:00:00

Link: CVE-2018-10959

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-04-17T15:29:00.377

Modified: 2024-11-21T03:42:24.030

Link: CVE-2018-10959

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-05-01T00:00:00", "descriptions": [{"lang": "en", "value": "Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-12-28T20:21:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://hackandpwn.com/cve-2018-10959/"}, {"tags": ["x_refsource_MISC"], "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_4.4.267.0_SR6.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_5.1.149.0_SR1.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-4-4-sr6.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-5-1.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-10959", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://hackandpwn.com/cve-2018-10959/", "refsource": "MISC", "url": "https://hackandpwn.com/cve-2018-10959/"}, {"name": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_4.4.267.0_SR6.pdf", "refsource": "MISC", "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_4.4.267.0_SR6.pdf"}, {"name": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_5.1.149.0_SR1.pdf", "refsource": "MISC", "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_5.1.149.0_SR1.pdf"}, {"name": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-4-4-sr6.pdf", "refsource": "MISC", "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-4-4-sr6.pdf"}, {"name": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-5-1.pdf", "refsource": "MISC", "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-5-1.pdf"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T07:54:36.007Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackandpwn.com/cve-2018-10959/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_4.4.267.0_SR6.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_5.1.149.0_SR1.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-4-4-sr6.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-5-1.pdf"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-10959", "datePublished": "2019-04-17T14:34:19", "dateReserved": "2018-05-09T00:00:00", "dateUpdated": "2024-08-05T07:54:36.007Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:avecto_defendpoint:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F8372ED-3946-4684-84F0-FF8B16140A5A", "versionEndExcluding": "4.4.267.0", "versionStartIncluding": "4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:beyondtrust:avecto_defendpoint:*:*:*:*:*:*:*:*", "matchCriteriaId": "2689FA29-56AA-46B2-BD3D-C7E3A431ECB1", "versionEndExcluding": "5.1.149.0", "versionStartIncluding": "5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch."}, {"lang": "es", "value": "Avecto Defendpoint versi\u00f3n 4 anterior a 4.4 SR6 y versi\u00f3n 5 anterior a 5.1 SR1 tiene una vulnerabilidad de Untrusted Search Path, explotable al modificar las variables de entorno para desencadenar la elevaci\u00f3n autom\u00e1tica del inicio del proceso de un atacante."}], "id": "CVE-2018-10959", "lastModified": "2024-11-21T03:42:24.030", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-04-17T15:29:00.377", "references": [{"source": "cve@mitre.org", "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_4.4.267.0_SR6.pdf"}, {"source": "cve@mitre.org", "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_5.1.149.0_SR1.pdf"}, {"source": "cve@mitre.org", "url": "https://hackandpwn.com/cve-2018-10959/"}, {"source": "cve@mitre.org", "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-4-4-sr6.pdf"}, {"source": "cve@mitre.org", "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-5-1.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_4.4.267.0_SR6.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://hackandpwn.com/assets/2019-04-17-cve-2018-10959/Defendpoint_Windows_Client_Release_Notes_5.1.149.0_SR1.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://hackandpwn.com/cve-2018-10959/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-4-4-sr6.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.beyondtrust.com/docs/release-notes/privilege-management/windows-and-mac/windows/pm-windows-5-1.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}]}