Vulnerability Description
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users group allow authenticated users to replace the executable file with arbitrary binaries, enabling privilege escalation during service startup or system reboot.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://blogs.securiteam.com/index.php/archives/3094
- https://cxsecurity.com/issue/WLB-2017050019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/125644
- https://packetstormsecurity.com/files/142384
- https://www.exploit-db.com/exploits/41959/
- https://www.vulncheck.com/advisories/serviio-pro-local-privilege-escalation-via-
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5405.php
FAQ
What is CVE-2017-20218?
CVE-2017-20218 is a vulnerability with a CVSS score of 7.8 (HIGH). Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the...
How severe is CVE-2017-20218?
CVE-2017-20218 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-20218?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.