Attacker Value
Low
(1 user assessed)
Exploitability
High
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown

CVE-2018-14581

Disclosure Date: July 31, 2018

Description

Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object (such as a DLL or EXE file) with a specific embedded resource file.

Technical Analysis

A crafted .RESX file can be used to execute code when deserialized by .NET Reflector. The attacker would need to generate the .RESX file and compile it into a .RESOURCES file before combining that with a C# executable to create a malicious binary.

The binary would then need to be opened by the target user in .NET Reflector and inspected (it looks like by expanding a node within the tree view) in order to cause the resource to be deserialized and the code to be executed. The resulting execution context would be as the user inspecting the file.
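
A defender-side triage check for the .RESX stage described in the assessment above, as an added example that is not part of the original page or of any Redgate tooling: it lists .RESX entries whose `mimetype` marks the value as a serialized .NET object. Treating those entries as the ones of interest is an assumption (the page does not name the deserialization mechanism); `find_serialized_entries` and the sample file are constructed here.

```python
import base64
import xml.etree.ElementTree as ET

# RESX mimetypes that mark a <data> value as a serialized .NET object,
# mapped to the formatter a RESX reader uses to rebuild it.
SERIALIZED_MIMETYPES = {
    "application/x-microsoft.net.object.binary.base64": "BinaryFormatter",
    "application/x-microsoft.net.object.soap.base64": "SoapFormatter",
}

def find_serialized_entries(resx_text):
    """Return (name, formatter, payload_size) for each serialized-object entry."""
    root = ET.fromstring(resx_text)
    findings = []
    for node in root.iter():
        if node.tag not in ("data", "metadata"):
            continue
        mimetype = (node.get("mimetype") or "").strip().lower()
        formatter = SERIALIZED_MIMETYPES.get(mimetype)
        if formatter is None:
            continue  # plain strings and file references are not flagged
        value = node.findtext("value") or ""
        try:
            size = len(base64.b64decode("".join(value.split()), validate=True))
        except ValueError:
            size = -1  # malformed base64 is still reported for manual review
        findings.append((node.get("name"), formatter, size))
    return findings

# Constructed sample: one plain string and one entry marked as a serialized
# object. The base64 value is a harmless placeholder, not an object stream.
SAMPLE_RESX = """<root>
  <data name="Greeting" xml:space="preserve">
    <value>Hello</value>
  </data>
  <data name="Icon" mimetype="application/x-microsoft.net.object.binary.base64">
    <value>cGxhY2Vob2xkZXI=</value>
  </data>
</root>"""

if __name__ == "__main__":
    for name, formatter, size in find_serialized_entries(SAMPLE_RESX):
        print(f"{name}: {formatter} payload, {size} bytes")
```

A flagged entry is not proof of malice, since legitimate projects store icons and similar objects this way; it identifies resources worth reviewing before the assembly is opened in an unpatched decompiler.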

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Vendors

  • red-gate

Products

  • .net reflector
  • smartassembly