LOGICOOL Game Software up to 8.87 DLL Loader Search Path untrusted search path

Summaryinfo

A vulnerability was found in LOGICOOL Game Software up to 8.87. It has been rated as problematic. The affected element is an unknown function of the component DLL Loader. This manipulation as part of Search Path causes untrusted search path. This vulnerability is tracked as CVE-2018-0620. The attack is restricted to local execution. No exploit exists. Upgrading the affected component is advised.

Detailsinfo

A vulnerability was found in LOGICOOL Game Software up to 8.87. It has been declared as problematic. Affected by this vulnerability is an unknown function of the component DLL Loader. The manipulation as part of a Search Path leads to a untrusted search path vulnerability. The CWE definition for the vulnerability is CWE-426. The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

The bug was discovered 07/06/2018. The weakness was disclosed 07/26/2018 (Website). It is possible to read the advisory at jvn.jp. This vulnerability is known as CVE-2018-0620 since 11/26/2017. Attacking locally is a requirement. The successful exploitation requires a single authentication. The technical details are unknown and an exploit is not publicly available. The attack technique deployed by this issue is T1574 according to MITRE ATT&CK.

The vulnerability was handled as a non-public zero-day exploit for at least 20 days. During that time the estimated underground price was around $0-$5k.

Upgrading to version 8.87.116 eliminates this vulnerability.

The entry VDB-122228 is pretty similar. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Vendor

• LOGICOOL

Name

• Game Software

Version

• 8.0
• 8.1
• 8.2
• 8.3
• 8.4
• 8.5
• 8.6
• 8.7
• 8.8
• 8.9
• 8.10
• 8.11
• 8.12
• 8.13
• 8.14
• 8.15
• 8.16
• 8.17
• 8.18
• 8.19
• 8.20
• 8.21
• 8.22
• 8.23
• 8.24
• 8.25
• 8.26
• 8.27
• 8.28
• 8.29
• 8.30
• 8.31
• 8.32
• 8.33
• 8.34
• 8.35
• 8.36
• 8.37
• 8.38
• 8.39
• 8.40
• 8.41
• 8.42
• 8.43
• 8.44
• 8.45
• 8.46
• 8.47
• 8.48
• 8.49
• 8.50
• 8.51
• 8.52
• 8.53
• 8.54
• 8.55
• 8.56
• 8.57
• 8.58
• 8.59
• 8.60
• 8.61
• 8.62
• 8.63
• 8.64
• 8.65
• 8.66
• 8.67
• 8.68
• 8.69
• 8.70
• 8.71
• 8.72
• 8.73
• 8.74
• 8.75
• 8.76
• 8.77
• 8.78
• 8.79
• 8.80
• 8.81
• 8.82
• 8.83
• 8.84
• 8.85
• 8.86
• 8.87

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion