2024-12-08 03:06:42 +00:00


{
"id": "CVE-2024-31226",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-05-16T19:15:49.560",
"lastModified": "2024-11-21T09:13:04.833",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacker placed a file named `C:\\Program.exe`, `C:\\Program.bat`, or `C:\\Program.cmd` on the user's computer. This attack vector isn't exploitable unless the user has manually loosened ACLs on the system drive. If the user's system locale is not English, then the name of the executable will likely vary. Version 0.23.0 contains a patch for the issue. Some workarounds are available. One may identify and block potentially malicious software executed through path interception by using application control tools, like Windows Defender Application Control, AppLocker, or Software Restriction Policies where appropriate. Alternatively, ensure that proper permissions and directory access control are set to deny users the ability to write files to the top-level directory `C:`. Require that all executables be placed in write-protected directories."
},
{
"lang": "es",
"value": "Sunshine es un anfitri\u00f3n de transmisi\u00f3n de juegos autohospedado para Moonlight. Los usuarios que ejecutaron las versiones de Sunshine 0.17.0 a 0.22.2 como servicio en Windows pueden verse afectados al finalizar el servicio si un ataque coloc\u00f3 un archivo llamado `C:\\Program.exe`, `C:\\Program.bat` o `C:\\Program.cmd` en la computadora del usuario. Este vector de ataque no es explotable a menos que el usuario haya aflojado manualmente las ACL en la unidad del sistema. Si la configuraci\u00f3n regional del sistema del usuario no es ingl\u00e9s, es probable que el nombre del ejecutable var\u00ede. La versi\u00f3n 0.23.0 contiene un parche para el problema. Algunas soluciones est\u00e1n disponibles. Se pueden identificar y bloquear la intercepci\u00f3n de rutas ejecutadas de software potencialmente malicioso mediante el uso de herramientas de control de aplicaciones, como el control de aplicaciones de Windows Defender, AppLocker o las pol\u00edticas de restricci\u00f3n de software, cuando corresponda. Alternativamente, aseg\u00farese de que los permisos y el control de acceso al directorio adecuados est\u00e9n configurados para negar a los usuarios la capacidad de escribir archivos en el directorio de nivel superior `C:`. Requiere que todos los ejecutables se coloquen en directorios protegidos contra escritura."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.1,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
}
],
"references": [
{
"url": "https://github.com/LizardByte/Sunshine/commit/93e622342c4f3e9b34f5f265039b6775b8e33a7a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LizardByte/Sunshine/pull/2379",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LizardByte/Sunshine/security/advisories/GHSA-r3rw-mx4q-7vfp",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/LizardByte/Sunshine/commit/93e622342c4f3e9b34f5f265039b6775b8e33a7a",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/LizardByte/Sunshine/pull/2379",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://github.com/LizardByte/Sunshine/security/advisories/GHSA-r3rw-mx4q-7vfp",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}