// For flags

CVE-2018-5349

 

Severity Score

7.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory "C:\ProgramData\Heimdal Security\Heimdal Agent" allow BUILTIN\Users to write new files to the directory. On startup, the process Heimdal.MonitorServices.exe running as SYSTEM will attempt to load version.dll from this directory. Placing a malicious version.dll in this directory will result in privilege escalation. NOTE: any affected Heimdal products are completely unrelated to the Heimdal vendor of a Kerberos 5 product on the h5l.org web site.

Se ha encontrado una vulnerabilidad en Heimdal PRO v2.2.190, pero podría estar también presente en Heimdal FREE y Heimdal CORP. Errores en los permisos del directorio "C:\ProgramData\Heimdal Security\Heimdal Agent" permiten que BUILTIN\Users escriba nuevos archivos en el directorio. En el arranque, el proceso Heimdal.MonitorServices.exe que se ejecuta como SYSTEM intentará cargar version.dll de este directorio. La colocación de un version.dll malicioso en este directorio resultará en un escalado de privilegios. NOTA: ningún producto de Heimdal afectado tiene relación con el fabricante de Heimdal de un producto Kerberos 5 en el sitio web h5l.org.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-01-11 CVE Reserved
  • 2018-03-22 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-05 CVE Updated
  • 2024-08-05 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (1)
URL Tag Source
URL Date SRC
https://improsec.com/blog/heimdal-advisory-1 2024-08-05
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Heimdalsecurity
Search vendor "Heimdalsecurity"
 Heimdal
Search vendor "Heimdalsecurity" for product "Heimdal"
 2.2.190
Search vendor "Heimdalsecurity" for product "Heimdal" and version "2.2.190"
pro
Affected