Search Path or Unquoted Item Vulnerability Affects Faronics Deep Freeze Server Standard Versions 8.30.020.4627 and Earlier
CVE-2024-1618

7.8HIGH

Key Information:

Vendor: Faronics
Status: Deep Freeze Server Standard
Vendor: CVE Published:; 12 March 2024

What is CVE-2024-1618?

A search path vulnerability has been identified in Faronics Deep Freeze Server Standard, specifically affecting the DFServ.exe executable. This vulnerability allows an attacker with local user privileges to replace the legitimate DFServ.exe service file with a malicious version, ideally positioned in a higher priority directory. Consequently, when the service is initiated, the compromised executable is executed instead of the genuine file. This exploitation could grant the attacker the ability to execute arbitrary code, potentially resulting in unauthorized access to the system or disruption of the service's operation.

Affected Version(s)

Deep Freeze Server Standard 0 <= 8.30.020.4627

References

https://www.incibe.es/en/incibe-cert/notices/aviso/unquot...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2024
Vulnerability Reserved
Feb 19, 2024

Credit

Rafael Pedrero