LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyContent command. The issue results from an exposed dangerous function. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. . Was ZDI-CAN-19945.
The vulnerability occurs in the implementation of the copyContent command, which exposes a dangerous function without appropriate access control mechanisms. An attacker can invoke this function remotely over the network without providing any credentials. This results in arbitrary code execution in the context of the SYSTEM account, which means the highest privilege level in the Windows operating system.
The attacker gains full control of the compromised system with SYSTEM privileges, enabling installation of malicious software, data theft, lateral movement in the network, and complete host takeover.
Patches available from the manufacturer should be applied according to the references. It is also recommended to restrict network access to the LG Simple Editor application using a firewall to trusted hosts and monitor network traffic directed to this service.
LG Simple Editor — specific vulnerable versions are indicated in the manufacturer's references and in the Zero Day Initiative advisories (ZDI-23-1217)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLg Simple Editor
APPLg3.21.0
Related vulnerabilities
LG Simple Editor — path traversal umożliwiający zdalny RCE jako SYSTEM
LG Simple Editor — path traversal umożliwiający usunięcie dowolnych plików
LG Simple Editor — path traversal umożliwiający RCE jako SYSTEM
LG Simple Editor — path traversal umożliwiający usunięcie dowolnych plików
LG Simple Editor: path traversal w komendzie cp umożliwia RCE jako SYSTEM