ADB Explorer Missing Integrity Check Vulnerability Allows Arbitrary Code Execution
Vulnerability
A remote code execution vulnerability exists in ADB Explorer for Windows, specifically in versions through 0.9.26020. The issue arises because the application does not validate the integrity or authenticity of the ADB binary path specified by the user before executing it. This flaw allows attackers to execute arbitrary code with the current user's privileges. Exploitation involves creating a malicious App.txt settings file that directs ADB Explorer to an executable of the attacker's choice. Once the file is in place, the attacker can persuade the victim to launch ADB Explorer with a command-line argument pointing to the directory containing the malicious settings file.
Impact
Exploitation of this vulnerability results in remote code execution on the victim's machine, with the same privileges as the user running ADB Explorer.
Reproduction
To reproduce this vulnerability, create a directory and place a settings file named 'App.txt' inside it. Set the 'ManualAdbPath' property to point to an executable, such as 'calc.exe'. Then, start ADB Explorer and specify the path to the directory containing the 'App.txt' file. The application will execute the specified executable, demonstrating the vulnerability.
Remediation
Users can update to ADB Explorer version 0.9.26021 or later, where this vulnerability has been fixed.
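One way to implement the integrity check whose absence is described under Vulnerability: resolve the configured path and refuse to run it unless its SHA-256 digest is pinned. This is an added example in Python, not ADB Explorer's code or the fix shipped in 0.9.26021; the function names and the pinned-digest allowlist are assumptions, and the files are constructed stand-ins for real binaries.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

class UntrustedBinary(Exception):
    """The configured binary failed the integrity check."""

def sha256_file(path):
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):  # hash in chunks
            h.update(chunk)
    return h.hexdigest()

def validate_adb_path(configured, trusted_hashes):
    """Return the resolved path only if it is a regular file with a pinned digest."""
    # Assumption: the application ships SHA-256 digests of the adb builds it trusts.
    path = Path(configured).resolve(strict=True)  # FileNotFoundError if absent
    if not path.is_file():
        raise UntrustedBinary(f"not a regular file: {path}")
    digest = sha256_file(path)
    if not any(hmac.compare_digest(digest, t) for t in trusted_hashes):
        raise UntrustedBinary(f"digest {digest} is not pinned: {path}")
    return path  # launch this resolved path, not the raw settings value

def demo():
    """Run the check over constructed files standing in for real binaries."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        good = Path(d, "adb.exe")
        good.write_bytes(b"constructed stand-in for a trusted adb build")
        swapped = Path(d, "settings-dir", "calc.exe")
        swapped.parent.mkdir()
        swapped.write_bytes(b"constructed stand-in for another executable")
        trusted = {sha256_file(good)}
        cases = {"pinned": good, "swapped": swapped,
                 "directory": swapped.parent, "missing": Path(d, "absent.exe")}
        for label, candidate in cases.items():
            try:
                validate_adb_path(str(candidate), trusted)
                results[label] = "accepted"
            except (UntrustedBinary, FileNotFoundError):
                results[label] = "rejected"
    return results

if __name__ == "__main__":
    print(demo())
```

Hashing and then launching leaves a window in which the file can be replaced, so the check is strongest when the binary sits in a directory that only the current user or an administrator can write to.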
