CVE-2019-12576

Exploit

EPSS 0.05%
Veröffentlicht 11.07.2019 20:15:13
Zuletzt bearbeitet 21.11.2024 04:23:07
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The openvpn_launcher binary is setuid root. This program is called during the connection process and executes several operating system utilities to configure the system. The networksetup utility is called using relative paths. A local unprivileged user can execute arbitrary commands as root by creating a networksetup trojan which will be executed during the connection process. This is possible because the PATH environment variable is not reset prior to executing the OS utility.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Londontrustmedia ≫ Private Internet Access Vpn Client Version82

Apple ≫ macOS Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.17

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-426 Untrusted Search Path

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12576.txt

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2019-12576

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-12576

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-12576

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2019-12576