| Title | Advaned Installer Local Privilege Escalation Vulnerability |
|---|
| Description | A vulnerability existed in the Advanced Installer that loaded GdiPlus.dll, one of the WinSxS DLLs.
The Proton VPN installer runs with Administrator privileges and loads GdiPlus.dll from %INSTALLER_LOCATION%\ProtonVPN_win_v2.0.0.exe.Local\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.1706_none_d94bc52be10975a7. If the ProtonVPN_win_v2.0.0.exe.Local directory does not exist, load the dll from C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.1706_none_d94bc52be10975a7. At this time, the ProtonVPN_win_v2.0.0.exe.Local directory can be accessed by general users, so the attacker can load GdiPlus.dll with Administrator privileges and elevate it to SYSTEM privileges through a dll hijacking attack.
This is not a vulnerability in Proton VPN, but rather a vulnerability in the Advanced Installer used by Proton VPN.
|
|---|
| Source | ⚠️ https://heegong.github.io/posts/Advaned-Installer-Local-Privilege-Escalation-Vulnerability/ |
|---|
| User | heegong (ID 52180) |
|---|
| Submission | 23.09.2023 07:41 (8 months ago) |
|---|
| Moderation | 29.09.2023 11:40 (6 days later) |
|---|
| Status | принято |
|---|
| VulDB Entry | 240903 |
|---|