#VU48924 Cleartext transmission of sensitive information in WinZip - CVE-2020-28003

Cybersecurity Help s.r.o.

Published: 2020-12-10

Vulnerability identifier: #VU48924

Vulnerability risk: Medium

CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-28003

CWE-ID: CWE-319

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
WinZip
Client/Desktop applications / Software for archiving

Vendor: WinZip Computing, Inc.

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to WinZIP uses insecure HTTP protocol to display HTML content and deliver software updates. A remote attacker with ability to interfere with network traffic can perform Man-in-the-Middle (MitM) attack and execute arbitrary JavaScript code or supply a malicious binary during software update.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

WinZip: 18.5 - 24.0

External links
https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=28202

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

MitM attack in WinZip