Title: Symantec PCAnywhere Chat Client Privilege Escalation Vulnerability
Severity: HIGH
Description:
Symantec pcAnywhere is a remote host control solution. pcAnywhere provides for remote management and file transfer. pcAnywhere can be installed as a service that listens for incoming connections from a remote administrator.
Symantec pcAnywhere has been reported prone to a locally exploitable vulnerability when it has been configured to run in service mode. It has been reported that a local user or a user who has been granted interactive access to a system via pcAnywhere, may exploit this issue to elevate privileges to that of the SYSTEM user. The issue presents itself because a chat session that contains exploitable functionality may be spawned from the 'AWHOST32' process. The 'AWHOST32' process runs with SYSTEM privileges by default. By using 'save' functionality of the chat interface, an attacker may invoke any other program in the context of the 'AWHOST32' process.
It should be noted that this vulnerability affects Symantec pcAnywhere version 9.01 and 9.2 (which are unsupported). pcAnywhere 10.x is also affected.
Affected Products:
- Symantec pcAnywhere 10.0.0
- Symantec pcAnywhere 10.5.0
- Symantec pcAnywhere 9.0.1
- Symantec pcAnywhere 9.2.0
References:
- Symantec: Symantec Homepage
- Symantec: Symantec pcAnywhere Chat Mode Privilege Elevation
- Symantec: Symantec pcAnywhere Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
