CVE Vulnerability

CVE-2022-3421

An attacker can pre-create the `/Applications/Google Drive.app/Contents/MacOS` directory which is expected to be owned by root to be owned by a non-root user. When the Drive for Desktop installer is run for the first time, it will place a binary in that directory with execute permissions and set its setuid bit. Since the attacker owns the directory, the attacker can replace the binary with a symlink, causing the installer to set the setuid bit on the symlink. When the symlink is executed, it will run with root permissions. We recommend upgrading past version 64.0

7.3 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.3 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://support.google.com/a/answer/7577057?hl=en Release Notes Vendor Advisory
Configurations

Configuration 1
Information

Published : 2022-10-17 08:15

Updated : 2022-10-19 06:10

NVD link : CVE-2022-3421

Mitre link : CVE-2022-3421

Products Affected
No products.
CWE
CWE-269