CF-19 Guide F.A.Q.

Discussion in 'Panasonic' started by ADOR, Feb 26, 2014.

  1. BaRRmaley

    BaRRmaley Notebook Deity

    Likes Received:
    Trophy Points:
    Fresh security patch for all Panasonic PC's with Win7 and higher

    Title: Remediate Service Path Vulnerability Utility (V1.00L10 M02)
    Panasonic PC in which Windows 10, Windows 8.1, Windows 8 and Windows 7 are pre-installed
    Model Number:
    Panasonic PC in which OS in following "Operating System" column is pre-installed.

    Operating System: Windows 10 64bit Ver.1803
    Windows 10 64bit Ver.1709
    Windows 10 64bit Ver.1703
    Windows 10 64bit Ver.1607
    Windows 10 64bit Ver.1511
    Windows 8.1 64bit
    Windows 8 64bit
    Windows 7 64bit SP1
    Windows 7 32bit SP1
    Language: Universal
    Last Updated Date: 2018/12/18
    File Description
    Remediate unquoted service path vulnerabilities of Panasonic applications.

    ■About this vulnerability

    Some Windows services registered from Panasonic applications have unquoted Windows search path vulnerability that allow local users to gain privileges.

    ■The impact of this vulnerability

    This vulnerability might allow applications to gain the service’s privileges in case the applications have the first part of the path containing the white space.

    ■About CVSS score

    CVSS v3.0 : Base Score 8.4 HIGH (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
    CVSS v2.0 : Base Score 4.6 MEDIUM (AV:L/AC:L/Au:N/C:p/I:p/A:p)

    ・ This application remediates service path vulnerability that is only Panasonic application.

    ・ This will not remediate service path vulnerabilities other than Panasonic applications.

    ・ Please read the operation procedure carefully, before using the utility.

    Reason for Update
    • - Dec 18, 2018: We discussed with JVN. We follow their published information.

      Also updated the "Acknowledgments to researchers" (PDF).
    toughasnails and Shawn like this.

Share This Page