Vulnerability CVE-2018-7259


Published: 2018-02-19   Modified: 2018-02-20

Description:
The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the network for cleartext HTTP traffic. This behavior was removed in 2.0.1.232.

Type:

CWE-319

(Cleartext Transmission of Sensitive Information)

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Flightsimlabs -> A320-x 

 References:
https://forums.flightsimlabs.com/index.php?/topic/16210-malware-in-installer/
https://medium.com/@lukegorman97/flightsimlabs-alleged-malware-analysis-1427c4d23368
https://www.reddit.com/r/flightsim/comments/7yh4zu/fslabs_a320_installer_seems_to_include_a_chrome/

Copyright 2021, cxsecurity.com

 

Back to Top