Untrusted data is executed as System via a PAC file read by CrashPlanService.exe
Who is this article for?
Incydr, yes.
CrashPlan for Enterprise, yes.
Code42 for Enterprise, yes.
CrashPlan for Small Business, yes.
Overview
This article provides details about a security vulnerability in the Code42 app.
Description
A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user.
Affected versions
6.9.2 or earlier, 6.8.7 or earlier, 6.7.4 or earlier
Resolution
This vulnerability has been fixed in Code42 app versions 6.9.4 and later, 6.8.8 and later, and 6.7.5 and later. To remediate this vulnerability, upgrade the Code42 apps in your environment.
CVE details
| CVE ID | CVE-2019-11552 |
|---|---|
| Date published | July 11, 2019 |
| Number of vulnerabilities | 1 |
| Products | Code42 for Enterprise and CrashPlan for Small Business |
| Affected product versions |
6.9.2 or earlier, 6.8.7 or earlier, 6.7.4 or earlier |
| Vulnerability type | Other - Eval Injection |
| Attack type | Local |
| Impact | Escalation of privileges |
| Affected components | CrashPlan service |
| Attack vectors | Local configuration file |
| Description of the vulnerability | A proxy auto-configuration file, crafted by a lesser privileged user, may be used to execute arbitrary code at a higher privilege as the service user. |
| Additional information | Credit for discovery goes to: Vetle Økland, Nagarro AS |
Other Code42 resources
- Code42: Security