#VU12046 Security restrictions bypass in 7-Zip - CVE-2018-10172
Published: April 20, 2018 / Updated: December 27, 2021
Vulnerability identifier: #VU12046
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-10172
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
7-Zip
7-Zip
Software vendor:
7-zip.org
7-zip.org
Description
The vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists due to improper security restrictions when using the large memory pages option. When using this option, the SeLockMemoryPrivilege privilege is added to the current user account using the LsaAddAccountRights function, which allows other applications on the system access to that privilege. A local attacker can execute an application on the system, which can run with SeLockMemoryPrivilege privileges, and bypass access restrictions.
The weakness exists due to improper security restrictions when using the large memory pages option. When using this option, the SeLockMemoryPrivilege privilege is added to the current user account using the LsaAddAccountRights function, which allows other applications on the system access to that privilege. A local attacker can execute an application on the system, which can run with SeLockMemoryPrivilege privileges, and bypass access restrictions.
Remediation
Install update from vendor's website.