ACTIVE-2019-006: Viber for Desktop URI Handler Remote Command Execution

Vulnerability Type:

Remote Command Execution

Vendors:

Viber Media S.à r.l.

CVE ID:

CVE-2019-12569

Affected Products:

  • Viber for Desktop Version 10.5.0.23 and older for Windows

Summary:

A vulnerability in Viber for Desktop could allow an attacker to execute arbitrary commands on a targeted system. The vulnerability is due to unsafe library search paths used by the application's custom URI handler, which is registered with the Windows operating system. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user, provided the attacker can place a crafted library in a directory that is accessible to the vulnerable system.
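The behavior described above (the application loading a library from wherever the URI points) is visible in image-load telemetry. The following is an added detection example, not code from the advisory or from Viber; it runs over constructed Sysmon-style "Image loaded" records, and the executable name Viber.exe and its install path are assumptions. It flags any library the process loads from outside its own install directory and the Windows system directories, and calls out UNC paths separately, since a link pointing at a share is the scenario the summary describes.

```python
from pathlib import PureWindowsPath

# Constructed Sysmon Event ID 7 style records for illustration only; not real telemetry.
# The process name Viber.exe and the install directory are assumptions for this example.
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\alice\AppData\Local\Viber\Viber.exe",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Viber\Qt5Core.dll"},
    {"Image": r"C:\Users\alice\AppData\Local\Viber\Viber.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll"},
    {"Image": r"C:\Users\alice\AppData\Local\Viber\Viber.exe",
     "ImageLoaded": r"\\fileserver\share\plugin.dll"},
    {"Image": r"C:\Users\alice\AppData\Local\Viber\Viber.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\codec.dll"},
    {"Image": r"C:\Windows\explorer.exe",          # different process, ignored
     "ImageLoaded": r"C:\Users\alice\Downloads\codec.dll"},
]

# Directories from which any Windows process is expected to load system libraries.
SYSTEM_ROOTS = (PureWindowsPath(r"C:\Windows\System32"),
                PureWindowsPath(r"C:\Windows\SysWOW64"),
                PureWindowsPath(r"C:\Windows\WinSxS"))


def _is_under(path, root):
    """True if path is root itself or lies below it (compared case-insensitively,
    as Windows does)."""
    p = PureWindowsPath(str(path).lower())
    r = PureWindowsPath(str(root).lower())
    return r == p or r in p.parents


def suspicious_loads(events, process_name="viber.exe"):
    """Return (loaded_path, reason) for every library the named process loaded
    from outside its own install directory and the system directories."""
    findings = []
    for ev in events:
        image = PureWindowsPath(ev["Image"])
        if image.name.lower() != process_name:
            continue
        loaded = PureWindowsPath(ev["ImageLoaded"])
        trusted = (image.parent,) + SYSTEM_ROOTS   # install dir + system dirs
        if any(_is_under(loaded, root) for root in trusted):
            continue
        reason = "UNC path" if ev["ImageLoaded"].startswith("\\\\") \
            else "outside trusted directories"
        findings.append((ev["ImageLoaded"], reason))
    return findings


if __name__ == "__main__":
    for path, reason in suspicious_loads(SAMPLE_EVENTS):
        print(f"suspicious load: {path} ({reason})")
```

In a real deployment the install directory should come from an inventory rather than from the event itself, so that a copy of the binary run from an attacker-writable folder does not whitelist its own neighbours.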

Mitigation:

The vendor has released a patch in version 10.7.0 addressing this vulnerability.

Credit:

This vulnerability was found by Hashim Jawad of ACTIVELabs.

References:

Disclosure Timeline:

  • 05-04-19: ACTIVELabs contacted Viber via support portal
  • 05-04-19: Viber support requested vulnerability information
  • 05-04-19: ACTIVELabs sent the vulnerability report, but was not able to share PoC files with the vendor
  • 05-06-19: ACTIVELabs requested status update
  • 05-10-19: Viber support suggested other means to share PoC files
  • 05-10-19: ACTIVELabs shared PoC files with the vendor
  • 05-14-19: ACTIVELabs requested status update
  • 05-16-19: Viber support replied stating patch was released in version 10.7.0
  • 05-16-19: ACTIVELabs informed Viber that a CVE will be requested for this vulnerability
  • 05-24-19: Viber support requested validation of the latest version, 10.7.0
  • 05-24-19: ACTIVELabs informed Viber support that the patch resolved the security vulnerability
  • 05-24-19: ACTIVELabs published this advisory
  • 05-24-19: ACTIVELabs requested CVE from MITRE
  • 06-02-19: MITRE issued CVE-2019-12569