CVE-2024-1618

Unquoted item or search path vulnerability in Faronics Deep Freeze Server Standard

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the legitimate DFServ.exe service executable with a malicious file of the same name and located in a directory that has a higher priority than the legitimate directory. Thus, when the service starts, it will run the malicious file instead of the legitimate executable, allowing the attacker to execute arbitrary code, gain unauthorized access to the compromised system or stop the service from running.

Una ruta de búsqueda o vulnerabilidad de elemento sin comillas en Faronics Deep Freeze Server Standard, que afecta a las versiones 8.30.020.4627 y anteriores. Esta vulnerabilidad afecta al archivo DFServ.exe. Un atacante con privilegios de usuario local podría aprovechar esta vulnerabilidad para reemplazar el ejecutable del servicio DFServ.exe legítimo con un archivo malicioso con el mismo nombre y ubicado en un directorio que tenga mayor prioridad que el directorio legítimo. Por lo tanto, cuando se inicia el servicio, ejecutará el archivo malicioso en lugar del ejecutable legítimo, lo que permitirá al atacante ejecutar código arbitrario, obtener acceso no autorizado al sistema comprometido o detener la ejecución del servicio.

*Credits: Rafael Pedrero

CVSS Scores

INCIBEv3.1 7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2024-02-19 CVE Reserved
2024-03-12 CVE Published
2024-03-13 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-428: Unquoted Search Path or Element

CAPEC

CAPEC-38: Leveraging/Manipulating Configuration File Search Paths

References (1)

URL	Tag	Source
https://www.incibe.es/en/incibe-cert/notices/aviso/unquoted-item-or-search-path-vulnerability-faronics-deep-freeze-server

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Faronics Search vendor "Faronics"		Deep Freeze Server Standard Search vendor "Faronics" for product "Deep Freeze Server Standard"				<= 8.30.020.4627 Search vendor "Faronics" for product "Deep Freeze Server Standard" and version " <= 8.30.020.4627"		en		Affected