CVE-2018-7259 Detail Current Description The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the network for cleartext HTTP traffic. This behavior was removed in 2.0.1.232.

View Analysis Description Analysis Description The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the network for cleartext HTTP traffic. This behavior was removed in 2.0.1.232. Severity CVSS Version 3.x CVSS Version 2.0



CVSS 3.x Severity and Metrics:

NIST: NVD Base Score: 9.8 CRITICAL Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS 2.0 Severity and Metrics:



NIST: NVD Base Score: 5.0 MEDIUM Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) Weakness Enumeration CWE-ID CWE Name Source CWE-319 Cleartext Transmission of Sensitive Information NIST Known Affected Software Configurations Switch to CPE 2.2 CPEs loading, please wait. Denotes Vulnerable Software

Are we missing a CPE here? Please let us know.

Change History 2 change records found show changes CWE Remap 10/02/2019 8:3:26 PM Action Type Old Value New Value Changed CWE CWE-200



CWE-319



Initial Analysis 3/19/2018 11:4:27 AM Action Type Old Value New Value Added CPE Configuration OR *cpe:2.3:a:flightsimlabs:a320-x:2.0.1.231:*:*:*:*:*:*:*



Added CVSS V2 (AV:N/AC:L/Au:N/C:P/I:N/A:N)



Added CVSS V3 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H



Added CWE CWE-200



Changed Reference Type https://forums.flightsimlabs.com/index.php?/topic/16210-malware-in-installer/ No Types Assigned



https://forums.flightsimlabs.com/index.php?/topic/16210-malware-in-installer/ Issue Tracking



Changed Reference Type https://medium.com/@lukegorman97/flightsimlabs-alleged-malware-analysis-1427c4d23368 No Types Assigned



https://medium.com/@lukegorman97/flightsimlabs-alleged-malware-analysis-1427c4d23368 Permissions Required



Changed Reference Type https://www.reddit.com/r/flightsim/comments/7yh4zu/fslabs_a320_installer_seems_to_include_a_chrome/ No Types Assigned



https://www.reddit.com/r/flightsim/comments/7yh4zu/fslabs_a320_installer_seems_to_include_a_chrome/ Issue Tracking, Press/Media Coverage



Quick Info CVE Dictionary Entry:

CVE-2018-7259

NVD Published Date:

02/19/2018

NVD Last Modified:

10/02/2019

Source:

MITRE

