Vulnerability-Lookup

CNVD-2019-24218

Vulnerability from cnvd - Published: 2019-07-23

Title

Private Internet Access (PIA) VPN客户端任意代码执行漏洞（CNVD-2019-24218）

Description

Private Internet Access (PIA)是由London Trust Media公司经营的商业VPN服务。 Windows版London Trust Media Private Internet Access (PIA) VPN客户端1.0版存在任意代码执行漏洞。攻击者可利用该漏洞以SYSTEM身份执行任意代码。

Severity

高

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新：https://www.privateinternetaccess.com/pages/downloads

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-12574

Impacted products

Name
London Trust Media Private Internet Access (PIA) VPN客户端 1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-12574",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-12574"
    }
  },
  "description": "Private Internet Access (PIA)\u662f\u7531London Trust Media\u516c\u53f8\u7ecf\u8425\u7684\u5546\u4e1aVPN\u670d\u52a1\u3002\n\nWindows\u7248London Trust Media Private Internet Access (PIA) VPN\u5ba2\u6237\u7aef1.0\u7248\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5SYSTEM\u8eab\u4efd\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Rich Mirch",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1ahttps://www.privateinternetaccess.com/pages/downloads",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-24218",
  "openTime": "2019-07-23",
  "products": {
    "product": "London Trust Media Private Internet Access (PIA) VPN\u5ba2\u6237\u7aef 1"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-12574",
  "serverity": "\u9ad8",
  "submitTime": "2019-07-12",
  "title": "Private Internet Access (PIA) VPN\u5ba2\u6237\u7aef\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2019-24218\uff09"
}

CVE-2019-12574 (GCVE-0-2019-12574)

Vulnerability from cvelistv5 – Published: 2019-07-11 19:55 – Updated: 2024-08-04 23:24

Summary

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA client is vulnerable to a DLL injection vulnerability during the software update process. The updater loads several libraries from a folder that authenticated users have write access to. A low privileged user can leverage this vulnerability to execute arbitrary code as SYSTEM.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/mirchr/security-research/blob/…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:38.598Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12574.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA client is vulnerable to a DLL injection vulnerability during the software update process. The updater loads several libraries from a folder that authenticated users have write access to. A low privileged user can leverage this vulnerability to execute arbitrary code as SYSTEM."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-11T19:55:46.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12574.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12574",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The PIA client is vulnerable to a DLL injection vulnerability during the software update process. The updater loads several libraries from a folder that authenticated users have write access to. A low privileged user can leverage this vulnerability to execute arbitrary code as SYSTEM."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12574.txt",
              "refsource": "MISC",
              "url": "https://github.com/mirchr/security-research/blob/master/vulnerabilities/PIA/CVE-2019-12574.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12574",
    "datePublished": "2019-07-11T19:55:46.000Z",
    "dateReserved": "2019-06-02T00:00:00.000Z",
    "dateUpdated": "2024-08-04T23:24:38.598Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-24218

CVE-2019-12574 (GCVE-0-2019-12574)

Tags

Sightings

Nomenclature