Main Vulnerability Database Vulnerabilities #VU17468

#VU17468 Privilege escalation in WinRAR - CVE-2018-20250

Published: February 11, 2019 / Updated: November 20, 2020

Vulnerability identifier: #VU17468

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear

CVE-ID: CVE-2018-20250

CWE-ID: CWE-264

Exploitation vector: Local access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
WinRAR

Software vendor:
RARLAB

Description

The vulnerability allows a local attacker to gain elevated privileges.

The vulnerability exists due to a logical bug. A local attacker can craft the filename field of the ACE format, cause the destination folder (extraction folder) to be ignored, and the relative path in the filename field to become an absolute Path, extract a file to an arbitrary location and execute arbitrary code with elevated privileges.

Remediation

Update to version 5.70 Beta 1.

External links

https://www.win-rar.com/whatsnew.html

#VU17468 Privilege escalation in WinRAR - CVE-2018-20250

Description

Remediation

External links

Please verify you're human