A few days back, a security flaw was reported by Florian Bogner in Enpass for Windows that could have lead to a local code injection attack. This has been fixed in the version – v5.4.
Summary
A local code injection vulnerability was detected in Enpass that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. Enpass.exe tries to find its openssl configuration from file openssl.cnf located at c:\usr\local\ssl\openssl.cnf. Because of the special ACLs of the filesystem in the c: drive, any local user can create a normally non-existing path as c:\usr\local\ssl\ which could be used to place a malicious openssl.cnf there that can load a malicious dll into the parent process, and execute arbitrary code without the user’s knowledge.
Affected Version: Enpass 5.3.1 or earlier, of the traditional Windows desktop app
Tested on: Windows 7
Fix: Enpass 5.4.1 for Windows PC
What should be done?
Please update your copy of Enpass to latest 5.4.1 if not done already.