CIS-CAT Pro Assessor Vulnerability update
Product Name: CIS-CAT Pro Assessor
Product Version: All versions prior to v4.57.1
Date: Nov 20, 2025
Problem summary and impact
Versions of CIS-CAT® Pro Assessor for Windows prior to v4.57.1 are vulnerable to a DLL/script preloading attack if deployed in an unsecured location, e.g., a folder outside C:\Program Files.
CIS-CAT Pro Assessor is portable by design, meaning no installation is required. Because there is no default installation path to reference, the application cannot load its DLLs by absolute path.
If CIS-CAT Pro Assessor is deployed in an unsecured folder, a local user with standard permissions could place malicious DLL files or batch scripts in the application directory. Since CIS-CAT Pro Assessor requires administrator privileges to run, these files or scripts would be executed with elevated permissions, potentially leading to privilege escalation.
Solution and recommended actions
The vulnerability was addressed in CIS-CAT Pro Assessor v4.57.1 by adding data integrity scans of the CIS-CAT Pro Assessor deployment at run time.
Upgrade to CIS-CAT Pro Assessor v4.57.1 or later.
Ensure that the application is deployed to a secured directory (such as C:\Program Files) or a secured network share.
Review and harden folder permissions for your CIS-CAT Pro Assessor deployment.
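The following PowerShell audit is an added example, not code from CIS or the CIS-CAT Pro Assessor product. It checks the precondition described above: whether broad, non-administrative principals hold write-capable ACEs on the deployment folder or anything inside it. The deployment path is an assumed example location.

```powershell
# Added audit check (not part of CIS-CAT Pro Assessor). Reports Allow ACEs on the
# deployment folder and its contents that let broad principals (which a standard
# local user belongs to) create, replace or delete files there.
param(
    [string]$DeploymentPath = 'C:\Tools\CIS-CAT'   # assumed example path; adjust to your deployment
)

# Well-known broad principals that include every standard local user.
$BroadPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Rights that allow placing or replacing a DLL/script, not merely reading it.
# Modify and FullControl contain WriteData, so they are caught by the same mask.
$WriteLikeRights = [System.Security.AccessControl.FileSystemRights]::WriteData -bor
    [System.Security.AccessControl.FileSystemRights]::AppendData -bor
    [System.Security.AccessControl.FileSystemRights]::Delete -bor
    [System.Security.AccessControl.FileSystemRights]::DeleteSubdirectoriesAndFiles -bor
    [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
    [System.Security.AccessControl.FileSystemRights]::TakeOwnership

function Test-CisCatFolderAcl {
    param([string]$Path)
    $findings = @()
    # Audit the folder itself plus every file and subfolder beneath it.
    $items = @(Get-Item -LiteralPath $Path) + @(Get-ChildItem -LiteralPath $Path -Recurse -Force)
    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($BroadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
            if (($ace.FileSystemRights -band $WriteLikeRights) -ne 0) {
                $findings += [pscustomobject]@{
                    Path      = $item.FullName
                    Principal = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                    Inherited = $ace.IsInherited
                }
            }
        }
    }
    return $findings
}

$results = @(Test-CisCatFolderAcl -Path $DeploymentPath)
if ($results.Count -eq 0) {
    Write-Output "No write-capable ACEs for broad principals found under $DeploymentPath"
} else {
    Write-Warning "Standard users can modify this deployment; fix the ACLs (or move it) before running the Assessor as administrator:"
    $results | Format-Table -AutoSize
}
```

Inherited entries usually point at a permissive parent folder, so the fix is to relocate the deployment or break inheritance at the deployment root rather than patching individual files.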
References
Dynamic-Link Library Security - Win32 apps