CVE-2021-22038: Use of Insufficiently Random Values in VMware InstallBuilder

Severity: 8.8 HIGH (NVD)
EPSS: 0.7% (top 28.60%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Oct 29
Latest update: Nov 15

Description

On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not restrict access to Administrators only, so a potential attacker could plant a binary to replace the copied binary right before it gets called, thus gaining Administrator privileges (if the original uninstaller was executed as Administrator). The vulne

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (1 package)

NVD: vmware/installbuilder < 21.6.0

Vulnerability Details (4 references)

- OSV: ffmpeg regression (2023-11-15)
- OSV: ffmpeg vulnerabilities (2023-10-24)
- GHSA: GHSA-5hc4-w525-fjv3: On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it (2022-05-24)
- CVEList: CVE-2021-22038: On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it (2021-10-29)
CVE-2021-22038 — Use of Insufficiently Random Values | cvebase