CVE-2022-23410 IP Utility before 4.18.0 allows remote code execution and local privilege escalation by DLL hijacking.

CVE-2022-23410 IP Utility before 4.18.0 allows remote code execution and local privilege escalation by DLL hijacking.

This issue has been addressed in IPUtility v4.18.0 and later versions. In addition to this issue, IPUtility.exe has a high likelihood of crashing on Windows XP due to missing Windows XP support.

Sensitive information disclosure through DLL hijacking is possible in IPUtility.exe when DLLs are loaded from the same folder as the compromised DLL. A remote attacker could potentially exploit this vulnerability to get access to system privileges. This vulnerability was reported to vendors on Jan 5th, 2018. IPUtility.exe versions prior to 4.17.0 are prone to crashing on Windows XP due to missing OS support. A fix was released on Oct 30th, 2017. IPUtility.exe has a high likelihood of crashing on Windows XP due to missing Windows XP support.

Vulnerable Applications br pshutdown.exe, ialmnt.exe, iapplog.exe

Vulnerability Summary

An information disclosure vulnerability has been identified in IPUtility.exe that can be exploited by remote, unauthenticated attackers to get access to system privileges.

I

PUtility.exe has a high likelihood of crashing on Windows XP due to missing OS support
Due to the fact that IPUtility.exe is not compatible with Windows XP, it is more likely that it will crash, leading to a system-wide denial of service (DoS). If this occurs, the system will be rebooted and the application will need to be restarted manually. The root cause of the crashes is missing Windows XP support which was fixed in IPUtility v4.17.0 and later versions.

Affected versions:
IPUtility 4.17.0 - 4.18.0

IPUtility.exe version  4.17.0 is not vulnerable to these issues

IPUtility.exe has a high likelihood of crashing on Windows XP due to missing Windows XP support. In addition to this issue, IPUtility.exe has the following vulnerabilities:
1) CVE-2022-23410 - Sensitive information disclosure through DLL hijacking is possible in IPUtility.exe when DLLs are loaded from the same folder as the compromised DLL. A remote attacker could potentially exploit this vulnerability to get access to system privileges. This vulnerability was reported to vendors on Jan 5th, 2018;
2) CVE-2017-11882 - A denial of service vulnerability was discovered in IPUtility.exe versions prior to 4.17.0 and allows a process with malicious intent to be difficult or impossible for legitimate processes to allocate memory resources required for proper operation of those legitimate processes.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe