CVE-2019-18670 Information

Description

In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM. This is a DLL Hijacking vulnerability (including search order hijacking, which searches for the missing DLL in the PATH environment variable) which is caused by an uncontrolled search path element for nvapi.dll, atiadlxx.dll, or atiadlxy.dll.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

https://drive.google.com/open?id=1r0cr-H_FMc8V4hwlqF1MAEhSSnztm5sp

https://us.answers.acer.com/app/answers/detail/a_id/64586

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

7.8

Base Severity

HIGH
