Vulnerability Details : CVE-2018-6947

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.

Vulnerability category: Gain privilegeDenial of service

Published 2018-02-28 22:29:01

Updated 2019-10-03 00:03:26

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2018-6947

Probability of exploitation activity in the next 30 days: 0.07%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 27 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2018-6947

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	nvd@nist.gov
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	nvd@nist.gov
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2018-6947

CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-6947

https://www.fidusinfosec.com/nomachine-road-code-execution-without-fuzzing-cve-2018-6947/

NoMachine - The Road To Code Execution Without Fuzzing - CVE-2018-6947
Third Party Advisory
https://www.nomachine.com/SU02P00194

NoMachine - Vulnerability in OSS nxfuse component (version 5)
Vendor Advisory
https://www.exploit-db.com/exploits/44167/

NoMachine < 6.0.80 (x86) - 'nxfuse' Privilege Escalation
Third Party Advisory;VDB Entry
https://www.exploit-db.com/exploits/44168/

NoMachine < 6.0.80 (x64) - 'nxfuse' Privilege Escalation
Third Party Advisory;VDB Entry
https://www.nomachine.com/SU02P00195

NoMachine - Vulnerability in OSS nxfuse component
Vendor Advisory
https://www.nomachine.com/TR02P08408

NoMachine - Possible escalation of local user's privileges on Windows 7 (32bit)
Vendor Advisory

Products affected by CVE-2018-6947

Microsoft » Windows 7
cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 8
cpe:2.3:o:microsoft:windows_8:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows 10
cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*
Matching versions
Nomachine » Nomachine
Versions up to, including, (<=) 6.0.66_2
cpe:2.3:a:nomachine:nomachine:*:*:*:*:*:*:*:*
Matching versions