Advertisement






Filmora 12 Build 1.0.0.7 Unquoted Service Path

CVE Category Price Severity
CVE-2023-31747 CWE-428 $5,000 High
Author Risk Exploitation Type Date
exploitalert.com Critical Local 2023-05-20
CVSS
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023050042

Below is a copy:

Filmora 12 Build 1.0.0.7 Unquoted Service Path
Vendor Name: Filmora
Product Name: Filmora 12 version ( Build 1.0.0.7 )
Vendor Home Page:  https://filmora.wondershare.com/
Affected Version(s): Filmora 12 version (Build 12.2.1.2088)
Vulnerability Type: Unquoted Service Path Vulnerability (CWE-428)
CVE Reference: CVE-2023-31747
Security Researcher: Thurein Soe



Vulnerability description:
Filmora is professional video editing software. Wondershare NativePush
Build 1.0.0.7 was part of Filmora 12 (Build 12.2.1.2088) Wondershare
NativePush Build 1.0.0.7 was installed while Filmora 12 was installed. The
service name "NativePushService" was vulnerable to unquoted service paths
vulnerability which led to full local privilege escalation in the affected
system as the service "NativePushService" was running as a system
privilege. Effectively, the local user is able to elevate to local admin.

C:\>sc qc NativePushService
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: NativePushService
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   :
C:\Users\HninKayThayar\AppData\Local\Wondershare\Wondershare
NativePush\WsNativePushService.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Wondershare Native Push Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\>cacls "C:\Users\HninKayThayar\AppData\Local\Wondershare\Wondershare
NativePush\WsNativePushService.exe"

C:\Users\HninKayThayar\AppData\Local\Wondershare\Wondershare
NativePush\WsNativePushService.exe

BUILTIN\Users:(ID)F

                    NT AUTHORITY\SYSTEM:(ID)F

                    BUILTIN\Administrators:(ID)F

                    HNINKAYTHAYAR\HninKayThayar:(ID)F

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.