AIDA64 Extreme Buffer Overflow Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A buffer overflow vulnerability has been identified in AIDA64 Extreme version 5.99.4900. The flaw is in the logging feature and is exploitable through structured exception handling (SEH). A local attacker can execute arbitrary code by supplying a malicious CSV log file path: shellcode is injected through the Hardware Monitoring logging preferences, the path overflows the buffer, and the injected code runs when the application processes the log file path.
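The defensive counterpart to the flaw described above, as an added example: this is not AIDA64's code (the page does not show it), and the function name, status codes, the 260-byte buffer and the ASCII-only rule are assumptions made for illustration. It validates an untrusted log path before any byte reaches the fixed-size buffer.

```c
#include <stdio.h>
#include <string.h>

#define LOG_PATH_MAX 260  /* assumed fixed buffer size (Windows MAX_PATH) */

enum path_status { PATH_OK = 0, PATH_EMPTY, PATH_TOO_LONG,
                   PATH_BAD_BYTE, PATH_BAD_EXT };

/* Hypothetical helper: validate an untrusted CSV log path, then copy it.
 * dst is written only when every check has passed. */
enum path_status set_csv_log_path(char *dst, size_t dst_size,
                                  const char *src, size_t src_len)
{
    if (dst == NULL || dst_size == 0 || src == NULL || src_len == 0)
        return PATH_EMPTY;

    /* Length is checked first, against the destination size, so an
     * oversized value is rejected instead of truncated or copied. */
    if (src_len >= dst_size)
        return PATH_TOO_LONG;

    /* Assumption: paths are printable ASCII. This rejects control bytes,
     * embedded NULs and binary data pasted into the preference field. */
    for (size_t i = 0; i < src_len; i++) {
        unsigned char c = (unsigned char)src[i];
        if (c < 0x20 || c > 0x7e)
            return PATH_BAD_BYTE;
    }

    /* Require a name plus the expected lower-case extension. */
    if (src_len < 5 || memcmp(src + src_len - 4, ".csv", 4) != 0)
        return PATH_BAD_EXT;

    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
    return PATH_OK;
}

int main(void)
{
    char path[LOG_PATH_MAX];
    const char *good = "C:\\Logs\\sensors.csv";  /* constructed sample */
    char oversized[1024];                         /* constructed sample */
    memset(oversized, 'A', sizeof oversized);
    printf("good: %d\n", set_csv_log_path(path, sizeof path, good, strlen(good)));
    printf("oversized: %d\n", set_csv_log_path(path, sizeof path, oversized, sizeof oversized));
    return 0;
}
```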
Impact
Exploitation of this vulnerability allows for arbitrary code execution on the affected system.
Reproduction
To reproduce this vulnerability, first create a payload using a Python script that exploits the buffer overflow by injecting shellcode into the application's logging preferences. The script generates two files: one for 32-bit Windows and another for 64-bit Windows. Next, open AIDA64 Extreme and navigate to the 'Preferences' menu. Under 'Hardware Monitoring', find the logging section and paste the contents of the generated exploit file into the CSV log file path option. After saving the changes, exit the application normally (without forcing it closed). Exiting triggers execution of the injected shellcode, which in the demonstration opens the calculator application.
