LINE up to 5.7.x on Windows DLL Loader Search Path untrusted search path
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.3 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, has been found in LINE up to 5.7.x on Windows. Affected by this vulnerability is an unknown functionality of the component DLL Loader. This manipulation as part of Search Path causes untrusted search path. This vulnerability is handled as CVE-2018-0609. It is possible to launch the attack on the local host. There is not any exploit available. It is advisable to upgrade the affected component.
Details
A vulnerability has been found in LINE up to 5.7.x on Windows and classified as problematic. Affected by this vulnerability is an unknown functionality of the component DLL Loader. The manipulation as part of a Search Path leads to a untrusted search path vulnerability. The CWE definition for the vulnerability is CWE-426. The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
The bug was discovered 06/12/2018. The weakness was released 06/26/2018 (Website). It is possible to read the advisory at jvn.jp. This vulnerability is known as CVE-2018-0609 since 11/27/2017. Attacking locally is a requirement. The successful exploitation needs a single authentication. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1574 according to MITRE ATT&CK.
The vulnerability was handled as a non-public zero-day exploit for at least 14 days. During that time the estimated underground price was around $0-$5k.
Upgrading to version 5.8.0 eliminates this vulnerability.
Be aware that VulDB is the high quality source for vulnerability data.
Product
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.5VulDB Meta Temp Score: 6.4
VulDB Base Score: 5.3
VulDB Temp Score: 5.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.8
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Untrusted search pathCWE: CWE-426
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: LINE 5.8.0
Timeline
11/27/2017 🔍06/12/2018 🔍
06/26/2018 🔍
06/26/2018 🔍
06/27/2018 🔍
06/20/2020 🔍
Sources
Advisory: jvn.jpStatus: Not defined
CVE: CVE-2018-0609 (🔍)
GCVE (CVE): GCVE-0-2018-0609
GCVE (VulDB): GCVE-100-119911
Entry
Created: 06/27/2018 08:25Updated: 06/20/2020 20:15
Changes: 06/27/2018 08:25 (60), 06/20/2020 20:15 (1)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.