virus logo FortiClient Vulnerability

Security Vulnerability CVE-2018-16156 for PaperStream IP

description-logoDescription

In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkic_Fjicube_32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes an exported function named ChangeUninstallString. The default install does not contain this library and therefore if any DLL with that name exists in any directory listed in the PATH variable, it can be used to escalate to SYSTEM level privilege.

affected-products-logoAffected Applications

PaperStream IP

CVE References

CVE-2018-16156

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16156
ID 2285
Created Jul 28, 2021
Description
Updated		 Feb 16, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Fujitsu
Patch manual
Application PaperStream IP