CVE-2018-25044

Published: Jun 17, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.

Affected (1)

Products: Bittorrent: Utorrent

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Bittorrent Utorrent	All versions

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (6)

http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html

Source: cna@vuldb.com

Third Party Advisory

https://bugs.chromium.org/p/project-zero/issues/detail?id=1524

Source: cna@vuldb.com

ExploitIssue TrackingMailing ListThird Party Advisory

https://vuldb.com/?id.113807

Source: cna@vuldb.com

ExploitThird Party AdvisoryVDB Entry

http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugs.chromium.org/p/project-zero/issues/detail?id=1524

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingMailing ListThird Party Advisory

https://vuldb.com/?id.113807

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.