| Title | Telerik Fiddler v5.0.20182.28034 Local Privilege Escalation |
|---|
| Description | A vulnerability was found in Telerik Fiddler v5.0.20182.28034. The feature affected is Fiddler's Win8 Loopback Exemptions. The feature mentioned requires administrator privileges, leading to the potential impact of local privilege escalation because Fiddler's installation is placed in the AppData folder which can be accessed publicly. Since no integrity check of the executable happens during the life cycle of the process, replacing the EnableLoopback.exe from the AppData folder will allow privilege escalation once the Win8 Loopback Exemptions feature is ran. CVE-2019-12097 was assigned to the vulnerability. |
|---|
| Source | ⚠️ https://www.telerik.com/download/fiddler |
|---|
| User | nathunandwani (UID 862) |
|---|
| Submission | 05/28/2019 14:55 (7 years ago) |
|---|
| Moderation | 05/29/2019 13:35 (23 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 135671 [Telerik Fiddler 5.0.20182.28034 Win8 Loopback Exemption access control] |
|---|
| Points | 20 |
|---|