CVE-2024-25140

{"id": "CVE-2024-25140", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-02-06T09:15:52.827", "references": [{"url": "https://github.com/rustdesk/rustdesk/discussions/6444", "tags": ["Exploit", "Issue Tracking"], "source": "cve@mitre.org"}, {"url": "https://news.ycombinator.com/item?id=39256493", "tags": ["Issue Tracking"], "source": "cve@mitre.org"}, {"url": "https://serverfault.com/questions/837994", "tags": ["Issue Tracking", "Technical Description"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of security measures for the private key, and arbitrary software could be signed if the private key were to be compromised. NOTE: the vendor's position is \"we do not have EV cert, so we use test cert as a workaround.\" Insertion into Trusted Root Certification Authorities was the originally intended behavior, and the UI ensured that the certificate installation step (checked by default) was visible to the user before proceeding with the product installation."}, {"lang": "es", "value": "Una instalaci\u00f3n predeterminada de RustDesk 1.2.3 en Windows coloca un certificado WDKTestCert bajo Autoridades de certificaci\u00f3n ra\u00edz confiables con uso de clave mejorado de firma de c\u00f3digo (1.3.6.1.5.5.7.3.3), v\u00e1lido desde 2023 hasta 2033. Esto es potencialmente no deseado, por ejemplo , porque no existe documentaci\u00f3n p\u00fablica sobre las medidas de seguridad para la clave privada, y se podr\u00eda firmar software arbitrario si la clave privada se viera comprometida. NOTA: la posici\u00f3n del proveedor es \"no tenemos un certificado EV, por lo que utilizamos el certificado de prueba como workaround\". La inserci\u00f3n en autoridades de certificaci\u00f3n ra\u00edz de confianza era el comportamiento previsto originalmente y la interfaz de usuario garantizaba que el paso de instalaci\u00f3n del certificado (marcado de forma predeterminada) fuera visible para el usuario antes de continuar con la instalaci\u00f3n del producto."}], "lastModified": "2024-08-29T20:36:15.900", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rustdesk:rustdesk:1.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7967159-D276-41AA-AB79-5230D05B1E11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}