Backdoor in CCleaner
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | N/A |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | This vulnerability is being exploited in the wild. |
| Vulnerable software Subscribe |
CCleaner Client/Desktop applications / Antivirus software/Personal firewalls |
| Vendor | Piriform Ltd. |
Security Bulletin
This security bulletin contains one critical risk vulnerability.
1) Backdoor
EUVDB-ID: #VU11316
Risk: Critical
CVSSv3.1: 9.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionCCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191 were shipped with a backdoor code from official vendor’s website. The incident was detected on September 12.
The malicious version was released on August 15. Users, who downloaded CCleaner between August 15 and September 12, are affected.
Update to version 5.33.6163.
CCleaner: 5.33.6162
External linkshttp://blog.avast.com/update-to-the-ccleaner-5.33.6162-security-incident
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
