Lucene search

K
certCERTVU:730007
HistoryApr 28, 2022 - 12:00 a.m.

Tychon is vulnerable to privilege escalation due to OPENSSLDIR location

2022-04-2800:00:00
www.kb.cert.org
50
tychon
privilege escalation
vulnerability
openssl
windows
arbitrary code execution
system privileges
update
cve-2022-26872

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

60.9%

Overview

Tychon contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user may be able to place files.

Description

Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory that my be controllable by an unprivileged user on Windows. Tychon contains a privileged service that uses this OpenSSL component. A user who can place a specially-crafted openssl.cnf file at an appropriate path may be able to achieve arbitrary code execution with SYSTEM privileges.

Impact

By placing a specially-crafted openssl.cnf in a location used by Tychon, an unprivileged user may be able to execute arbitrary code with SYSTEM privileges on a Windows system with the vulnerable Tychon software installed.

Solution

Apply an update

This issue is addressed in Tychon 1.7.857.82

Acknowledgements

This document was written by Will Dormann.

Vendor Information

730007

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Tychon __ Affected

Notified: 2022-03-10 Updated: 2022-04-28

Statement Date: April 27, 2022

CVE-2022-26872 Affected

Vendor Statement

CVE-2022-26872 has been resolved with an update to the OpenSSL library TYCHON uses. The TYCHON Endpoint version 1.7.857.82 contains the fix to this vulnerability.

Other Information

CVE IDs: CVE-2022-26872
Date Public: 2022-04-28 Date First Published:

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

60.9%