A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Home windows that could be abused by a distant attacker to execute arbitrary code on qualified programs, underscoring how vulnerabilities in these types of software program could beсome a gateway for a roster of assaults.
Tracked as CVE-2021-35052, the bug impacts the demo variation of the software program functioning model 5.70. “This vulnerability will allow an attacker to intercept and modify requests despatched to the consumer of the application,” Favourable Technologies’ Igor Sak-Sakovskiy reported in a technical write-up. “This can be used to obtain remote code execution (RCE) on a victim’s computer system.”
By intercepting the response code despatched when WinRAR alerts the user about the stop of the totally free trial period by way of “notifier.rarlab[.]com” and modifying it to a “301 Moved Completely” redirect message, Constructive Systems found that it could be abused to cache the redirection to an attacker-controlled malicious area for all subsequent requests.
On leading of that, an attacker already owning entry to the same network area can stage ARP spoofing assaults to remotely start apps, retrieve nearby host info, and even run arbitrary code.
“One particular of the most important worries an corporation faces is the management of third-celebration software program. After put in, third-party software program has accessibility to read, produce, and modify information on gadgets which entry corporate networks,” Sak-Sakovskiy noted.
“It is really extremely hard to audit every application that could be put in by a person and so policy is important to managing the danger connected with exterior applications and balancing this danger versus the company want for a selection of purposes. Improper administration can have large reaching penalties.”