#VU19563 Incorrect default permissions in OpenSSL - CVE-2019-1552
Vulnerability identifier: #VU19563
Vulnerability risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-276
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
OpenSSL
Server applications /
Encryption software
Vendor: OpenSSL Software Foundation
Description
The vulnerability allows a local user to bypass security restrictions.
The vulnerability exists due to OpenSSL uses insecure by default directory with potentially insecure permissions for the OPENSSLDIR on Windows. A local user can modify OpenSSL's default configuration within the 'C:/usr/local' folder, insert CA certificates, modify (or even replace) existing engine modules and bypass security restrictions, based on OpenSSL security mechanisms.
Mitigation
- For 1.1.0, commit e32bc855a81a2d48d215c506bdeb4f598045f7e9 and
b15a19c148384e73338aa7c5b12652138e35ed28
- For 1.0.2, commit d333ebaf9c77332754a9d5e111e2f53e1de54fdd
Vulnerable software versions
OpenSSL: 1.0.2s - 1.0.2p, 1.1.0d - 1.1.0, 1.1.1c - 1.1.1
External links
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9
https://www.openssl.org/news/secadv/20190730.txt
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
