#VU79794 Incorrect default permissions in Nullsoft Scriptable Install System (NSIS) - CVE-2023-37378
Vulnerability identifier: #VU79794
Vulnerability risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-276
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Nullsoft Scriptable Install System (NSIS)
Universal components / Libraries /
Software for developers
Vendor: Nullsoft
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to incorrect default permissions for an uninstaller directory. A local user with access to the system can view contents of files and directories or modify them.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Nullsoft Scriptable Install System (NSIS): 1.98 - 3.08
External links
https://github.com/kichik/nsis/commit/281e2851fe669d10e0650fc89d0e7fb74a598967
https://sourceforge.net/p/nsis/news/2023/07/nsis-309-released/
https://nsis.sourceforge.io/Docs/AppendixF.html#v3.09
https://github.com/kichik/nsis/commit/409b5841479c44fbf33a6ba97c1146e46f965467
https://github.com/kichik/nsis/commit/c40cf78994e74a1a3a381a850c996b251e3277c0
https://sf.net/p/nsis/bugs/1296
https://lists.debian.org/debian-lts-announce/2023/07/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A65FBUMHLZ7GBV3VDKUB5EK3A7X2UUWK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZPAAU57IA3NP6UOUXNBUQBAYK3JB2IM/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
