The computer is capable of being hacked with just 1 click if these popular applications are installed

Security experts Fabian Braunlein and Lukas Euler of Positive Security discovered these problems on apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin / Dogecoin Wallets, Wireshark and Mumble.

'Desktop applications that pass a user-supplied URL to open by the operating system are more likely to present a code execution vulnerability under user interaction. Code execution is achievable when a URL pointing to a malicious executable (.desktop, .jar, .exe .) hosted on an internet accessible file (nfs, webdav, smb .) is opened or an additional vulnerability in the open application's URI handler is exploited '- experts information.

That is, the vulnerabilities stem from input URL validation. When they are opened by the operating system without proper authorization, malicious files are accidentally executed.

Positive Security analysis shows that many applications are unable to validate the URL, so the hacker has a chance to create a specially designed link pointing to an attack code, leading to remote code execution. .

The computer is capable of being hacked with just 1 click if these popular applications are installed Picture 1

Once detected, most apps have already rolled out a patched update:

1. Nextcloud - Fixed in version 3.1.3 for Desktop Client, released February 24 (CVE-2021-22879)
2. Telegram - Issue reported Jan. 11 and then fixed on the server side by February 10.
3. VLC Player - Issue reported on January 18, bug fix version 3.0.13 released a week later.
4. OpenOffice - To be fixed in the next patch (CVE-2021-30245)
5. LibreOffice - Fixed in Windows, but the vulnerability still exists in Xubuntu (CVE-2021-25631)
6. Mumble - Fixed in version 1.3.4 released February 10 (CVE-2021-27229)
7. Dogecoin - Fixed in version 1.14.3 released February 28
8. Bitcoin ABC - Fixed in version 0.22.15 released March 9
9. Bitcoin Cash - Fixed in version 23.0.0 (preparing to release)
10. Wireshark - Fixed in version 3.4.4 released March 10 (CVE-2021-22191)
11. WinSCP - Fixed in version 5.17.10 released February 26 (CVE-2021-3331)

This issue spans multiple layers of the application stack on the targeted system, so any layer's maintenance tool can easily push the real burden, the researchers said. show mitigation measures towards the remaining layers ".

As such, it is important that all stakeholders assume some responsibility and put in place risk mitigation measures, such as URL validation and automatic remote mount remote sharing.

Marvin Fry

Update 19 April 2021