Private Internet Access Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A vulnerability exists in Private Internet Access (PIA) version 3.3.0.100 due to an unquoted service path in the application. This flaw allows local users to execute arbitrary code with elevated privileges. Exploitation involves injecting malicious code into the unquoted path of the service configuration, which could then be executed with LocalSystem rights when the service starts.
Impact
Exploitation of this vulnerability could lead to unauthorized execution of code with elevated system privileges, allowing local users to perform actions as the LocalSystem account.
Reproduction
The vulnerability can be reproduced by querying the service configuration for 'PrivateInternetAccessService' using the Windows Management Instrumentation Command-line (WMIC) tool. The unquoted service path can be exploited by placing a malicious executable in a location that the system will execute when the service starts.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.