Unquoted service path vulnerability in WCAssistantService Lavasoft


Vulnerability: Unquoted service path vulnerability in WCAssistantService Lavasoft

Severity: High

Impact: Any user who has Lavasoft Web Companion installed on their system can elevate their privileges on the local system.

Description:

Web Companion blocks websites that try to steal your personal information by impersonating sites you know and trust. It keeps your passwords, payment and other personal information safe from hackers.

An unquoted service path exists for the service "WCAssistantService". This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.

How to check:
C:\>wmic service get name,displayname,pathname,startmode | findstr /i "auto" | findstr /i /v "c:\windows\\" | findstr /i /v """
WC Assistant                                                           WCAssistantService                                      C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe         Auto
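
The same audit in PowerShell, as an added example that is not part of the original advisory or the vendor's code. It goes slightly beyond the wmic one-liner: instead of excluding C:\Windows by location, it flags an auto-start service only when the executable part of an unquoted path contains a space. The function name Test-UnquotedServicePath and the sample paths other than the Lavasoft one are constructed for illustration.

```powershell
# Added example: audit auto-start services for unquoted executable paths.

function Test-UnquotedServicePath {
    param([Parameter(Mandatory)][string]$PathName)

    $p = $PathName.Trim()
    # A path that already starts with a double quote is parsed unambiguously.
    if ($p.StartsWith('"')) { return $false }
    # Heuristic (assumption): the executable ends at the first ".exe" that is
    # followed by whitespace or end of string; anything after it is arguments.
    if ($p -notmatch '^(.+?\.exe)(\s|$)') { return $false }
    # Only a space inside the executable path itself makes the path ambiguous.
    return $Matches[1].Contains(' ')
}

# Constructed self-check: the path reported in this advisory plus two
# constructed negatives (a quoted path, and an unquoted path without spaces).
$samples = [ordered]@{
    'C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe' = $true
    '"C:\Program Files\Example\svc.exe" -run'                                                      = $false
    'C:\Windows\system32\svchost.exe -k netsvcs'                                                   = $false
}
foreach ($s in $samples.GetEnumerator()) {
    if ((Test-UnquotedServicePath $s.Key) -ne $s.Value) {
        throw "Self-check failed for: $($s.Key)"
    }
}

# Live audit: every auto-start service whose PathName is flagged, together
# with the account it runs as (StartName).
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.StartMode -eq 'Auto' -and $_.PathName -and
                   (Test-UnquotedServicePath $_.PathName) } |
    Select-Object Name, DisplayName, StartName, PathName |
    Format-List
```

Any service this lists is fixed by wrapping the executable path in double quotes in the service's ImagePath registry value.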

Initial mail sent 2nd Nov 2017
Mail sent to webcompanion on 2nd Jan 2018 --> No response
Mail sent to webcompanion on 20th Jan 2018 --> No response
Disclosure date 23rd Jan 2018



