New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Kiosk escape (vulnerability disclosure) #434
Comments
|
Thanks for reaching out to us before publishing your findings. Please feel free to contact us under info at safeexambrowser dot org. |
|
I can't find any contact information besides the Github repo. Can you please drop a hint where I can find it? ;-) |
|
@dbuechel meant the e-mail address info at safeexambrowser dot org. at=@ dot=. |
|
Alright. I'm sending the email now |
|
@Notselwyn We were able to fix the vulnerability, please feel free to test it in the latest beta version. |
|
A fix for the issue is now available in version 3.4.0. |
|
Update: the issue got assigned CVE-2022-36220. It took MITRE relatively long, but it's here |
|
I've asked MITRE to publish it so that it won't say reserved anymore and give basic descriptions with a reference. Should be updated soon |
|
CC @dbuechel (notif) |
|
Excellent, that's great to know! Thanks again for the constructive and proactive collaboration, it is indeed highly appreciated! |
|
You're welcome :p Thank you for the fast response times as well. Perhaps it could be useful for organisations if you put the CVE in the v3.4.0 release notes over at https://safeexambrowser.org/windows/win_release_notes_en.html so they know they should update the SEB version. |
|
Yes, that's a good idea, thanks for the input. I'll forward it to our internal responsible and see what they think about marking this release respectively on our website. |
|
Are you okay with it if make an HackTheBox machine oriented around the CVE? e.g. the player has to perform a virtual kiosk escape in SEB as a foothold technique. Below are the pro's and cons of it (if the box gets accepted by HTB) in my POV:
The cons:
After submission it should take another 3 months before the box gets released, so hopefully enough institutions will have updated to SEB v3.4.0 . Finally, sorry for keeping this closed issue alive for over a month :-) . PS: The CVE just got CVSSv3 rated at 9.8 (very critical) by the US gov's https://nvd.nist.gov/vuln/detail/CVE-2022-36220. They included a list of 41 vulnerable SEB versions FYI. |
Hi there. I'm a Dutch IT student and security employee for a learning management system (LMS), and I found a kiosk escape issue/bug tested in SEB (v3.2.2) for Windows Home (10.0.19044) which allows a user in SEB to quit it without the quitting password. I'm a strong believer in coordinated vulnerability disclosure and I do not want to publish this issue in public (so people will take advantage of it). Do you have an email address where I can report it?
The text was updated successfully, but these errors were encountered: