Home > Vulnerability Database > CVE-2019-3567

Mend.io Vulnerability Database

CVE-2019-3567

Good to know:

Date: June 3, 2019

In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. Under those circumstances osquery will load said malicious executable with SYSTEM permissions. The solution is to migrate installations to the 'Program Files' directory on Windows which restricts unprivileged write access. This issue affects osquery prior to v3.4.0.

Language: C++

Severity Score

8.1

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2019-3567

Url: https://www.facebook.com/security/advisories/cve-2019-3567

Url: https://www.mend.io/vulnerability-database/CVE-2019-3567

Severity Score

8.1

Weakness Type (CWE)

Improper Access Control

CWE-284

Link Following

CWE-59

Top Fix

Upgrade Version

Upgrade to version 3.4.0

Learn More

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2019-3567

Good to know:

Date: June 3, 2019

Language: C++

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?