{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-42125", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "state": "PUBLISHED", "assignerShortName": "zdi", "dateReserved": "2023-09-06T21:14:24.437Z", "datePublished": "2024-05-03T02:13:31.242Z", "dateUpdated": "2024-09-20T19:07:41.026Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-09-18T18:30:13.844Z"}, "title": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability", "descriptions": [{"lang": "en", "value": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-20383."}], "affected": [{"vendor": "Avast", "product": "Premium Security", "versions": [{"version": "Avast Premium Security 22.12.6044 (build 22.12.7758.769)", "status": "affected"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-706", "description": "CWE-706: Use of Incorrectly-Resolved Name or Reference", "type": "CWE"}]}], "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/", "name": "ZDI-23-1475", "tags": ["x_research-advisory"]}], "dateAssigned": "2023-09-06T16:25:45.534-05:00", "datePublic": "2023-09-27T17:21:28.201-05:00", "source": {"lang": "en", "value": "Abdelhamid Naceri"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH"}}]}, "adp": [{"affected": [{"vendor": "avast", "product": "premium_security", "cpes": ["cpe:2.3:a:avast:premium_security:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "22.12.6044 (build 22.12.7758.769)", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-10T20:42:08.317986Z", "id": "CVE-2023-42125", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-20T19:07:41.026Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:16:50.537Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/", "name": "ZDI-23-1475", "tags": ["x_research-advisory", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/", "name": "ZDI-23-1475", "tags": ["x_research-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:16:50.537Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-42125", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-10T20:42:08.317986Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:avast:premium_security:*:*:*:*:*:*:*:*"], "vendor": "avast", "product": "premium_security", "versions": [{"status": "affected", "version": "22.12.6044 (build 22.12.7758.769)"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-10T20:45:34.687Z"}}], "cna": {"title": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability", "source": {"lang": "en", "value": "Abdelhamid Naceri"}, "metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "Avast", "product": "Premium Security", "versions": [{"status": "affected", "version": "Avast Premium Security 22.12.6044 (build 22.12.7758.769)"}], "defaultStatus": "unknown"}], "datePublic": "2023-09-27T17:21:28.201-05:00", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/", "name": "ZDI-23-1475", "tags": ["x_research-advisory"]}], "dateAssigned": "2023-09-06T16:25:45.534-05:00", "descriptions": [{"lang": "en", "value": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-20383."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-706", "description": "CWE-706: Use of Incorrectly-Resolved Name or Reference"}]}], "providerMetadata": {"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "shortName": "zdi", "dateUpdated": "2024-09-18T18:30:13.844Z"}}}, "cveMetadata": {"cveId": "CVE-2023-42125", "state": "PUBLISHED", "dateUpdated": "2024-09-20T19:07:41.026Z", "dateReserved": "2023-09-06T21:14:24.437Z", "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e", "datePublished": "2024-05-03T02:13:31.242Z", "assignerShortName": "zdi"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the sandbox feature. By creating a symbolic link, an attacker can abuse the service to create arbitrary namespace objects. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.\n. Was ZDI-CAN-20383."}, {"lang": "es", "value": "Enlace de protecci\u00f3n de Avast Premium Security Sandbox despu\u00e9s de una vulnerabilidad de escalada de privilegios. Esta vulnerabilidad permite a atacantes locales escalar privilegios en las instalaciones afectadas de Avast Premium Security. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad. La falla espec\u00edfica existe en la implementaci\u00f3n de la funci\u00f3n sandbox. Al crear un enlace simb\u00f3lico, un atacante puede abusar del servicio para crear objetos de espacio de nombres arbitrarios. Un atacante puede aprovechar esta vulnerabilidad para escalar privilegios y ejecutar c\u00f3digo arbitrario en el contexto de SYSTEM. Era ZDI-CAN-20383."}], "id": "CVE-2023-42125", "lastModified": "2024-11-21T08:22:19.523", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}, "published": "2024-05-03T03:15:51.797", "references": [{"source": "zdi-disclosures@trendmicro.com", "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1475/"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-706"}], "source": "zdi-disclosures@trendmicro.com", "type": "Secondary"}]}

{}