GlassWire 2.1.167 vulnerability - MSVR 56639
Medium
GlassWire
Team Summary
Official summary from GlassWire
On May 12th, Katie Lewis at Microsoft found that GlassWire 2.1.167 would attempt to load Wtsapi32.dll.dll from the user's PATH (without doing any checks to see if the file is signed). GlassWire's team sent a fix that Katie Lewis confirmed solved the issue, then released an update with the fix.
Reported by
msvr
Vulnerability Details
Technical details and impact analysis
Arbitrary code execution vulnerability within the firewall software, GlassWire version 2.1.167
## Impact
After the program is installed, on first execution, it will attempt to load Wtsapi32.dll.dll from the user's PATH (without doing any checks to see if the file is signed). Attached is a demo leveraging this vulnerability to spawn notepad.exe as well as screenshots showing the software searching the user’s PATH.
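A defender-side audit of the condition described above, added here as an example (it is not part of the report or of GlassWire's code): it walks a PATH value in search order and reports where the named DLL already exists and which directories the current user could write into. The function names are hypothetical, and the write probe briefly creates and removes a temporary file in each directory it checks.

```python
import os
import tempfile


def can_write(directory):
    """True if the current user can create a file in `directory` (probed with a temp file)."""
    try:
        with tempfile.TemporaryFile(dir=directory):
            return True
    except OSError:
        return False


def audit_dll_search(dll_name, path_value, sep=os.pathsep):
    """Walk PATH entries in order; report where dll_name exists or could be dropped."""
    findings = []
    seen = set()
    for position, entry in enumerate(path_value.split(sep)):
        directory = os.path.expandvars(entry.strip().strip('"'))
        key = os.path.normcase(os.path.abspath(directory)) if directory else ""
        if not directory or key in seen:
            continue  # skip empty and duplicate entries
        seen.add(key)
        if not os.path.isdir(directory):
            # A PATH entry that does not exist is a hardening finding in itself.
            findings.append((position, directory, "missing-directory"))
        elif os.path.isfile(os.path.join(directory, dll_name)):
            findings.append((position, directory, "dll-present"))
        elif can_write(directory):
            findings.append((position, directory, "user-writable"))
    return findings


def first_resolution(findings):
    """Directory from which a PATH-based load would resolve the DLL, or None."""
    for _, directory, status in findings:
        if status == "dll-present":
            return directory
    return None


if __name__ == "__main__":
    # DLL name as given in the report; PATH taken from the current environment.
    results = audit_dll_search("Wtsapi32.dll.dll", os.environ.get("PATH", ""))
    for position, directory, status in results:
        print(f"{position:3d}  {status:18s} {directory}")
    print("resolves from:", first_resolution(results))
```

Any `dll-present` hit outside a protected system directory deserves a signature check, and `user-writable` or `missing-directory` entries are candidates for removal from PATH.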
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Code Injection