CVE-2020-26947 – Monero-wallet-gui design weakness (12th Oct 2020)

Preface: Monero price US$132.36 today – (12th Oct 2020). Monero (XMR) stands at the top of the list. This cryptocurrency’s popularity has been on the rise, primarily due to its ability to help anonymize users. Monero transactions are much more difficult to trace because they use ring signatures and stealth addresses.

Vulnerability details: monero-wallet-gui in Monero GUI 0.17.0.1 includes the . directory in an embedded RPATH (with a preference ahead of [/]usr[/]lib), which allows local users to gain privileges via a Trojan horse library in the current working directory.

Supplement: Potential risk: local privilege escalation (similar to dll hijacking on windows)
Condition: if the current directory allow user to have write and execute permission.
And therefore the vulnerability risk level will be depending on default program and .so privileges control. If the specify dynamically linked shared object libraries had granted tight access permission. So, the severity of risk will be significant drop down.

Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-26947

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.