A recent vulnerability was discovered in the Google Chrome Installer on Windows systems, allowing local attackers to carry out privilege escalation attacks via crafted symbolic links. This weakness has been assigned a CVE identifier, CVE-2023-2939, and is considered to have a medium severity level in the Chromium security ranking.

Background

Google Chrome is a popular web browser developed and maintained by Google. This vulnerability affects the Chrome installer package for Windows. Insufficient data validation in the installer can lead to the creation of a malicious symbolic link that, when followed, can grant the attacker escalated privileges on the target system.

Exploit Details

An attacker requires local access to the victim's machine to carry out this exploit. By leveraging a crafted symbolic link flaw during the installation process, the attacker can escalate their privileges and execute arbitrary code on the affected systems. This can lead to unauthorized access to sensitive information, disruption of system operations, and potentially taking control of the system.

Code Snippet

Here is a simple demonstration of how an attacker might create a malicious symbolic link to exploit this insufficiency in data validation:

// This is a sample code snippet and should not be used for malicious purposes
#include <iostream>
#include <windows.h>

int main() {
  LPCSTR targetPath = "C:\\target_path.exe";
  LPCSTR symlinkPath = "C:\\symlink_path.lnk";
  
  // Creating a malicious symbolic link
  if (CreateSymbolicLink(symlinkPath, targetPath, ) == ) {
    std::cerr << "Failed to create the symbolic link. Error: " << GetLastError() << std::endl;
    return 1;
  }
  
  // Successful creation of a symbolic link
  std::cout << "Successfully created the symbolic link." << std::endl;
  return ;
}

Affected Versions and Platforms

This vulnerability affects Google Chrome installations on Windows systems with versions prior to 114..5735.90.

Patch and Mitigation

Google has issued a patch for this vulnerability, which has been fixed in Google Chrome version 114..5735.90. Users are advised to update their Chrome installations as soon as possible.

Original References

1. CVE Entry - CVE-2023-2939: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2939
2. Chromium Security Severity: https://www.chromium.org/developers/security-overview/security-severity-ratings
3. Google Chrome Releases: https://chromereleases.googleblog.com/2023/02/stable-channel-update-for-desktop.html

Conclusion

The CVE-2023-2939 exploit demonstrates the importance of ensuring the proper validation of data when processing symbolic links. This vulnerability allowed attackers to escalate their privileges and potentially compromise an affected system. By applying the patch and updating to the most recent Google Chrome version, users can protect themselves from this security risk.

Timeline

Published on: 05/30/2023 22:15:00 UTC
Last modified on: 06/02/2023 14:59:00 UTC