CVE-2018-0563 : Security Advisory and Response

A vulnerability known as untrusted search path has been identified in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and older versions, as well as FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and older versions. This vulnerability enables an attacker to obtain elevated privileges by utilizing a Trojan horse DLL file located in an unspecified directory.

Understanding CVE-2018-0563

This CVE involves a security issue in the installer of specific versions of FLET'S VIRUS CLEAR Easy Setup & Application Tool and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool.

What is CVE-2018-0563?

The vulnerability in CVE-2018-0563 is classified as an untrusted search path vulnerability, allowing attackers to gain elevated privileges through a malicious DLL file.

The Impact of CVE-2018-0563

The presence of this vulnerability could lead to unauthorized access and potential exploitation by threat actors seeking to escalate their privileges.

Technical Details of CVE-2018-0563

This section delves into the technical aspects of the CVE.

Vulnerability Description

The untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool permits attackers to elevate their privileges using a Trojan horse DLL.

Affected Systems and Versions

Product: the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions, and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions
Vendor: NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION
Versions: Unspecified

Exploitation Mechanism

The attacker can exploit this vulnerability by placing a malicious DLL file in an unspecified directory, tricking the system into loading the malicious code.

Mitigation and Prevention

Protecting systems from CVE-2018-0563 requires immediate actions and long-term security practices.

Immediate Steps to Take

Implement security updates provided by the vendor promptly.
Monitor for any unusual DLL files or unexpected system behavior.
Restrict access to critical directories to prevent unauthorized DLL placement.

Long-Term Security Practices

Conduct regular security assessments and vulnerability scans.
Educate users on safe installation practices and the risks of downloading files from untrusted sources.
Employ application whitelisting to control which applications can run on the system.

Patching and Updates

Regularly check for security patches and updates from NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION to address the untrusted search path vulnerability.