Vulnerability Description
The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Anixis | Password Reset Client | < 3.22 |
Related Weaknesses (CWE)
References
- http://anixis.comVendor Advisory
- https://github.com/missing0x00/CVE-2018-5354ExploitThird Party Advisory
- http://anixis.comVendor Advisory
- https://github.com/missing0x00/CVE-2018-5354ExploitThird Party Advisory
FAQ
What is CVE-2018-5354?
CVE-2018-5354 is a vulnerability with a CVSS score of 8.8 (HIGH). The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, i...
How severe is CVE-2018-5354?
CVE-2018-5354 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5354?
Check the references section above for vendor advisories and patch information. Affected products include: Anixis Password Reset Client.