TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege

2016.01.11
Credit: Mounir IDRASSI
Risk: High
Local: No
Remote: Yes
CVE: CVE-2016-1281
CWE: N/A


CVSS Base Score: 4.4/10
Impact Subscore: 6.4/10
Exploitability Subscore: 3.4/10
Exploit range: Local
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Hi, The Windows installers of TrueCrypt 7.1a (latest version) and its fork VeraCrypt 1.16 (latest version) are vulnerable to Dll Hijacking that allows arbitrary code execution with elevation of privilege. This vulnerability affects on all version of Windows. More information can be found at: http://seclists.org/fulldisclosure/2016/Jan/22 The patches applied to fix this issue in VeraCrypt are: - https://github.com/veracrypt/VeraCrypt/commit/5872be28a243acb3b5aafdf13248e07d30471893 - https://github.com/veracrypt/VeraCrypt/commit/7a15ff2083d75cdfe343de154715442dce635492 The fix has been included in VeraCrypt 1.17-BETA (Build 15) which is available at: https://veracrypt.codeplex.com/releases/view/619351. Many thanks to Stefan Kanthak (http://home.arcor.de/skanthak) for reporting this issue and for his help in verifying the correctness of the fix. Regards, - -- Mounir IDRASSI https://veracrypt.codeplex.com https://www.idrix.fr

References:

https://github.com/veracrypt/VeraCrypt/commit/5872be28a243acb3b5aafdf13248e07d30471893
https://github.com/veracrypt/VeraCrypt/commit/7a15ff2083d75cdfe343de154715442dce635492
https://veracrypt.codeplex.com/releases/view/619351


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top