Friday, January 11, 2013

HTB23136: Samsung Kies remote buffer overflow vulnerability

Samsung Kies 2.5.0.12114_1 remote buffer overflow vulnerability

Samsung Kies 2.5.0.12114_1 is vulnerable to a remote buffer overflow. The vulnerability was discovered by High-Tech Bridge Security Research Lab and can be exploited to execute arbitrary code on a vulnerable system.

Description of buffer overflow in Samsung Kies:
The vulnerability exists due to insufficient sanitisation of input data in the PrepareSync() method within the ActiveX control SyncService.dll, GUID {EA8A3985-F9DF-4652-A255-E4E7772AFCA8}, located by default in "C:\Program Files\Samsung\Kies\External\DeviceModules\SyncService.dll". A remote attacker can pass an arbitrary value to the "password" argument of the PrepareSync() method and trigger an ACCESS_VIOLATION exception, which could be exploited to successfully overwrite the EIP register and the SEH structure.

Details of the Samsung Kies crash and proof-of-concept (PoC) code are available on the High-Tech Bridge website: Advisory HTB23136 - Remote Buffer Overflow Vulnerability in Samsung Kies.

Solution: Upgrade to Samsung Kies version 2.5.1.12123_2_7.
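To find hosts that still need the upgrade, the following PowerShell check (an added example, not part of the advisory or of High-Tech Bridge's material) reports whether the control with the GUID above is registered machine-wide, which DLL backs it, and whether an Internet Explorer kill bit is set for it. The kill-bit registry location and the 0x400 flag are the standard IE mechanism and are not mentioned in the advisory; the function name is hypothetical.

```powershell
# Added example: inventory check for the ActiveX control named in HTB23136.
$Clsid   = '{EA8A3985-F9DF-4652-A255-E4E7772AFCA8}'  # GUID from the advisory
$KillBit = 0x400                                     # IE "kill bit" compatibility flag

function Get-KiesSyncServiceStatus {
    param([string]$Clsid, [int]$KillBit)

    # Check both the native and the 32-bit (WOW6432Node) registry views.
    $views = @{
        'Native' = 'HKLM:\SOFTWARE'
        'WOW64'  = 'HKLM:\SOFTWARE\WOW6432Node'
    }

    foreach ($view in $views.GetEnumerator()) {
        $server = Join-Path $view.Value "Classes\CLSID\$Clsid\InprocServer32"
        if (-not (Test-Path -LiteralPath $server)) { continue }

        # The default value of InprocServer32 is the path of the registered DLL.
        $dll = (Get-Item -LiteralPath $server).GetValue('')
        $fileVersion = $null
        if ($dll -and (Test-Path -LiteralPath $dll)) {
            $fileVersion = (Get-Item -LiteralPath $dll).VersionInfo.FileVersion
        }

        # A kill bit stops Internet Explorer from instantiating the control.
        $compat = Join-Path $view.Value "Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
        $flags = 0
        if (Test-Path -LiteralPath $compat) {
            $value = (Get-Item -LiteralPath $compat).GetValue('Compatibility Flags')
            if ($null -ne $value) { $flags = [int]$value }
        }

        [pscustomobject]@{
            RegistryView = $view.Key
            Dll          = $dll
            FileVersion  = $fileVersion
            KillBitSet   = (($flags -band $KillBit) -eq $KillBit)
        }
    }
}

$result = @(Get-KiesSyncServiceStatus -Clsid $Clsid -KillBit $KillBit)
if ($result.Count -eq 0) { "Control $Clsid is not registered on this host." }
else { $result | Format-List }
```

The reported FileVersion is that of SyncService.dll itself and need not match the Kies product version string, so confirm the installed Kies version separately. Per-user (HKCU) registrations are not covered.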

Previously, High-Tech Bridge Security Research Lab had already discovered multiple vulnerabilities in Samsung Kies 2.3.2.12054_20.
