GMS-2022-7965: DSInternals Credential Roaming Elevation of Privilege Vulnerability
A vulnerability exists in the DSInternals.Common.Data.RoamedCredential.Save() method, which incorrectly parses the msPKIAccountCredentials LDAP attribute values. As a consequence, a malicious actor would be able to modify the file system of the computer where an application using this function is executed with administrative privileges. A similar security issue used to be present in the Windows operating system, as DSInternals re-implements the Credential Roaming feature of Windows.