CVE-2023-39520
MEDIUMCryptomator < 1.9.3 - Improper Privilege Management
Title source: ruleDescription
Cryptomator encrypts data being stored on cloud infrastructure. The MSI installer provided on the homepage for Cryptomator version 1.9.2 allows local privilege escalation for low privileged users, via the `repair` function. The problem occurs as the repair function of the MSI is spawning an SYSTEM Powershell without the `-NoProfile` parameter. Therefore the profile of the user starting the repair will be loaded. Version 1.9.3 contains a fix for this issue. Adding a `-NoProfile` to the powershell is a possible workaround.
References (4)
Core 4
Core References
Exploit, Mitigation, Vendor Advisory x_refsource_confirm
https://github.com/cryptomator/cryptomator/security/advisories/GHSA-62gx-54j7-mjh3
Patch x_refsource_misc
https://github.com/cryptomator/cryptomator/commit/727c32ad50c3901a6144a11cf984a3b7ebcf8b2b
Product x_refsource_misc
https://github.com/cryptomator/cryptomator/releases/download/1.9.2/Cryptomator-1.9.2-x64.msi
Release Notes x_refsource_misc
https://github.com/cryptomator/cryptomator/releases/tag/1.9.3
Scores
CVSS v3
5.5
EPSS
0.0003
EPSS Percentile
9.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-269
Status
published
Products (1)
cryptomator/cryptomator
< 1.9.3
Published
Aug 07, 2023
Tracked Since
Feb 18, 2026