BestXsoftware Best Free Keylogger 5.2.9 Privilege Escalation
- Author: Martino Sani
- Release date: 2018-10-19
- Software: https://bestxsoftware.com/
- Version: 5.2.9 and probably previous versions
- CVE: CVE-2018-18519
BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain privileges via
a Trojan horse
%PROGRAMFILES%\BFK 5.2.9\syscrb.exe file because of insecure
permissions for the BUILTIN\Users group.
Best Free Keylogger v. 5.2.9 is installed on the system.
The attacker (with arbitrary privileges) replaces the file
C:\Program Files\BFK 5.2.9\syscrb.exe.
It is world writable (Windows Group: Users).
A victim user opens a session, such as through a RDP client, and
C:\Program Files\BFK 5.2.9\syscrb.exe is executed with the logged-in user's privileges.
The attacker can execute arbitrary code impersonating the victim.
- 2018-09-28: Vendor notification. No response.
- 2018-10-10: No responses from the vendor. Disclosure.
The author is not responsible for the misuse of the information provided in this advisory.