Headline
CVE-2022-38699: ASUS Armoury Crate Service - Arbitrary File Creation via Elevation of Privilege Flaw
Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link. A physical attacker with general user privilege can modify the log file property to a symbolic link that points to arbitrary system file, causing the logging function to overwrite the system file and disrupt the system.
:::
- 首頁
- 資安服務
- 台灣漏洞揭露平台 (TVN)
- TVN (Taiwan Vulnerability Note) 漏洞公告
TVN ID
TVN-202209001
CVE ID
CVE-2022-38699
CVSS
5.9 (Medium)
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
影響產品
Armoury Crate & Aura Creator Installer軟體安裝包中的程式Armoury Crate Service V5.1.5.0
問題描述
Armoury Crate Service之寫入Log功能未檢查檔案是否被識別為symbolic link,本機端攻擊者以一般使用者權限登入後,將Log檔案內容竄改為symbolic link,觸發此漏洞將Log資料改為寫入到任意系統檔案中,導致系統損毀。
解決方法
Update Armoury Crate Service version to V5.2.10.0
漏洞通報者
ASUS
公開日期
2022-09-15