ID

VAR-201411-0382


CVE

CVE-2014-8419


TITLE

Wibu-Systems CodeMeter Local Privilege Escalation Vulnerability

Trust: 0.8

sources: IVD: a04f2417-b6da-40e8-aac7-926846407d0e // CNVD: CNVD-2014-08518

DESCRIPTION

Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file. Wibu-Systems CodeMeter is a hardware-based software, file, access and media protection solution. CodeMeter has a local privilege escalation vulnerability that can be exploited by local attackers to enforce arbitrary code with system privileges. CodeMeter is prone to a local privilege-escalation vulnerability. CodeMeter Weak Service Permissions Vendor Website : http://www.codemeter.com INDEX --------------------------------------- 1. Background 2. Description 3. Affected Products 4. Solution 6. Credit 7. Disclosure Timeline 8. CVE 1. BACKGROUND --------------------------------------- CodeMeter from Wibu-Systems provides maximum protection against software piracy and is bundled with multiple open-source products. 2. DESCRIPTION --------------------------------------- When the CodeMeter runtime is installed on a Microsoft Windows operating system, it creates a service named "codemeter.exe". When installed with the default settings, this service allows Read/Write access to any user, meaning any user can modify the location of the binary executed by the service with SYSTEM privileges. It should be noted that this vulnerability is not present in the most recent version of Codemeter runtime (currently 5.20). 3. AFFECTED PRODUCTS --------------------------------------- Only the following versions have been confirmed vulnerable: CodeMeter Runtime 4.50b CodeMeter Runtime 4.40 CodeMeter Runtime 4.20b 4. VULNERABILITIES --------------------------------------- 4.1 codemeter.exe 5. SOLUTION --------------------------------------- Vendor contacted and approved for disclosure as most recent version is not vulnerable. 6. CREDIT --------------------------------------- This vulnerability was discovered by Andrew Smith and Matt Smith of Sword & Shield Enterprise Security. 7. DISCLOSURE TIMELINE --------------------------------------- 7-16-2014 - Vulnerability Discovered 8-11-2014 - Vendor Informed 11-20-2014 - Public Disclosure 8. CVE --------------------------------------- CVE-2014-8419

Trust: 2.7

sources: NVD: CVE-2014-8419 // JVNDB: JVNDB-2014-005669 // CNVD: CNVD-2014-08518 // BID: 71264 // IVD: a04f2417-b6da-40e8-aac7-926846407d0e // PACKETSTORM: 129234

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: a04f2417-b6da-40e8-aac7-926846407d0e // CNVD: CNVD-2014-08518

AFFECTED PRODUCTS

vendor:wibumodel:codemeter runtimescope:lteversion:5.10c

Trust: 1.0

vendor:wibumodel:codemeter runtimescope:ltversion:5.20

Trust: 0.8

vendor:wibumodel:codemeterscope: - version: -

Trust: 0.6

vendor:wibumodel:codemeter runtimescope:eqversion:5.10c

Trust: 0.6

vendor:wibumodel:codemeterscope:eqversion:4.40

Trust: 0.3

vendor:codemeter runtimemodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: a04f2417-b6da-40e8-aac7-926846407d0e // CNVD: CNVD-2014-08518 // BID: 71264 // JVNDB: JVNDB-2014-005669 // CNNVD: CNNVD-201411-502 // NVD: CVE-2014-8419

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-8419
value: HIGH

Trust: 1.0

NVD: CVE-2014-8419
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-08518
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201411-502
value: HIGH

Trust: 0.6

IVD: a04f2417-b6da-40e8-aac7-926846407d0e
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2014-8419
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-08518
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: a04f2417-b6da-40e8-aac7-926846407d0e
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: a04f2417-b6da-40e8-aac7-926846407d0e // CNVD: CNVD-2014-08518 // JVNDB: JVNDB-2014-005669 // CNNVD: CNNVD-201411-502 // NVD: CVE-2014-8419

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.8

sources: JVNDB: JVNDB-2014-005669 // NVD: CVE-2014-8419

THREAT TYPE

local

Trust: 1.0

sources: BID: 71264 // PACKETSTORM: 129234 // CNNVD: CNNVD-201411-502

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201411-502

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-005669

PATCH

title:Top Pageurl:http://www.wibu.com/en/home.html

Trust: 0.8

title:Patch for Wibu-Systems CodeMeter Local Privilege Escalation Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/52128

Trust: 0.6

title:CodeMeter-5.20.1471-504.i386url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52558

Trust: 0.6

title:CmRuntimeUser_5.20.1471.504url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52557

Trust: 0.6

title:CodeMeterRuntime-5.20url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52556

Trust: 0.6

sources: CNVD: CNVD-2014-08518 // JVNDB: JVNDB-2014-005669 // CNNVD: CNNVD-201411-502

EXTERNAL IDS

db:NVDid:CVE-2014-8419

Trust: 3.6

db:PACKETSTORMid:129234

Trust: 2.5

db:BIDid:71264

Trust: 0.9

db:CNVDid:CNVD-2014-08518

Trust: 0.8

db:CNNVDid:CNNVD-201411-502

Trust: 0.8

db:JVNDBid:JVNDB-2014-005669

Trust: 0.8

db:IVDid:A04F2417-B6DA-40E8-AAC7-926846407D0E

Trust: 0.2

sources: IVD: a04f2417-b6da-40e8-aac7-926846407d0e // CNVD: CNVD-2014-08518 // BID: 71264 // JVNDB: JVNDB-2014-005669 // PACKETSTORM: 129234 // CNNVD: CNNVD-201411-502 // NVD: CVE-2014-8419

REFERENCES

url:http://packetstormsecurity.com/files/129234/codemeter-weak-service-permissions.html

Trust: 2.4

url:http://www.securityfocus.com/archive/1/534079/100/0/threaded

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8419

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8419

Trust: 0.8

url:http://www.securityfocus.com/bid/71264

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/534079/100/0/threaded

Trust: 0.6

url:http://www.wibu.com/en/codemeter.html

Trust: 0.3

url:http://seclists.org/bugtraq/2014/nov/124

Trust: 0.3

url:http://www.codemeter.com

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-8419

Trust: 0.1

sources: CNVD: CNVD-2014-08518 // BID: 71264 // JVNDB: JVNDB-2014-005669 // PACKETSTORM: 129234 // CNNVD: CNNVD-201411-502 // NVD: CVE-2014-8419

CREDITS

Andrew Smith and Matt Smith of Sword & Shield Enterprise Security

Trust: 0.3

sources: BID: 71264

SOURCES

db:IVDid:a04f2417-b6da-40e8-aac7-926846407d0e
db:CNVDid:CNVD-2014-08518
db:BIDid:71264
db:JVNDBid:JVNDB-2014-005669
db:PACKETSTORMid:129234
db:CNNVDid:CNNVD-201411-502
db:NVDid:CVE-2014-8419

LAST UPDATE DATE

2024-08-14T15:19:06.984000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-08518date:2014-11-26T00:00:00
db:BIDid:71264date:2014-11-24T00:00:00
db:JVNDBid:JVNDB-2014-005669date:2014-12-01T00:00:00
db:CNNVDid:CNNVD-201411-502date:2014-11-27T00:00:00
db:NVDid:CVE-2014-8419date:2018-10-09T19:54:15.713

SOURCES RELEASE DATE

db:IVDid:a04f2417-b6da-40e8-aac7-926846407d0edate:2014-11-26T00:00:00
db:CNVDid:CNVD-2014-08518date:2014-11-26T00:00:00
db:BIDid:71264date:2014-11-24T00:00:00
db:JVNDBid:JVNDB-2014-005669date:2014-12-01T00:00:00
db:PACKETSTORMid:129234date:2014-11-24T10:32:22
db:CNNVDid:CNNVD-201411-502date:2014-11-27T00:00:00
db:NVDid:CVE-2014-8419date:2014-11-26T15:59:06.107