CVE-2018-20211 Information

Description

ExifTool 8.32 allows local users to gain privileges by creating a TEMP\par-username\cache-exiftool-8.32 folder with a victim’s username and then copying a Trojan horse ws32_32.dll file into this new folder aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 (9.x was released starting in 2012 and 10.x was released starting in 2015).

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://packetstormsecurity.com/files/150892/Exiftool-8.3.2.0-DLL-Hijacking.html http://seclists.org/fulldisclosure/2018/Dec/44

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8