Vulnerability Details : CVE-2018-0580
Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT Ver.1.7.3 and earlier, CLIP STUDIO ACTION (for Windows) Ver.1.5.5 and earlier, with its timestamp prior to April 25, 2018, 12:11:31, and CLIP STUDIO MODELER (for Windows) Ver.1.6.3 and earlier, with its timestamp prior to April 25, 2018, 17:02:49) allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
Vulnerability category: File inclusion
Exploit prediction scoring system (EPSS) score for CVE-2018-0580
Probability of exploitation activity in the next 30 days: 0.22%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 60 %
CVSS scores for CVE-2018-0580
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST |
7.8 | HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST |
CWE ids for CVE-2018-0580
- The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control. Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-0580
- https://jvn.jp/en/jp/JVN68345747/
  JVN#68345747: The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries (Third Party Advisory; VDB Entry)
- http://www.clipstudio.net/en/dl
  CLIP STUDIO PAINT : Download free trial, latest version, and resources (Vendor Advisory)
- https://www.clip-studio.com/clip_site/download/clipstudioaction/csaupdater/index_win
  CLIP STUDIO ACTION | Updater download | CLIP STUDIO (Vendor Advisory)
Products affected by CVE-2018-0580
- cpe:2.3:a:celsys:clip_studio_action:*:*:*:*:*:windows:*:*
- cpe:2.3:a:celsys:clip_studio_modeler:*:*:*:*:*:windows:*:*
- cpe:2.3:a:celsys:clip_studio_paint:*:*:*:*:*:windows:*:*