PS4 Remote Play 2.5.0.9220 DLL Hijacking

PS4 Remote Play version 2.5.0.9220 suffers from a dll hijacking vulnerability.


MD5 | 75dc08c32f295ed4d0c576c54e2e2294

Application: PS4 Remote Play
Application Version: 2.5.0.9220
Platform: Windows
Vendor: Sony
Notified at: [email protected] (3 months ago),no reply, and still no fix...

PS4 Remote Play application is vulnerable to DLL Hijacking Vulnerability. If executable is installed in unprotected directories (where any user can have access)or in portable form (which is often installed outside of program files or %windir%) it is possible to hijack DLL by placing malformed dll in application directory and run malicious actions (arbitrary code execute with the privilige level of executing user) when application loads the dll.

Affected Library List
---------------------
VERSION.dll
CRYPTSP.dll
DWrite.dll
iphlpapi.dll
rasapi32.dll
rtutils.dll
winhttp.dll
secur32.dll
WindowsCodecs.dll
RichEd20.DLL
d3d9.dll
igdumd32.dll
WtsApi32.dll
WINSTA.dll
USERENV.dll
WindowsCodecsExt.dll
urlmon.dll
AUDIOSES.DLL

More info & Remediation:
https://blogs.technet.microsoft.com/srd/2010/08/23/more-information-about-the-dll-preloading-remote-attack-vector/

Thank You,
Maelstrom Security



Related Posts

Comments