silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,210
An unpatched vulnerability in software that redirects local USB devices to a remote system could help attackers elevate privileges on a target machine by adding fake devices.
The flaw is identified as CVE-2020-9332 and resides in the bus driver for “USB for Remote Desktop” developed by FabulaTech. The company has an impressive customer list with high-profile organizations from a variety of sectors.
Among them are Google, Microsoft, Texas Instruments, BMW, MasterCard, NASA, Reuters, Intel, Chevron, Shell, Raytheon, Xerox, Harvard, General Electric, and Raiffeisen Bank.
BleepingComputer has reached out to FabulaTech for comments about a plan to patch the vulnerability and what customers can do in the meantime. A company representative replied saying "We don't see any technical requests from you or any customer with the name SentinelOne."
After getting more details and checking if the issue exists, the company acknowledged the problem. FabulaTech's Vladimir Mostovoy, VP Business Operations, told BleepingComputer that it will be addressed in the shortest time possible. A new release of the software containing the patch is expected in the near future.
A Click from the Backyard | Analysis of CVE-2020-9332, a Vulnerable USB Redirection Software - SentinelLabs
CVE-2020-9332 is a vulnerability that could allow an attacker to create trusted, fake USB devices and attack Windows machines in new and unexpected ways.
labs.sentinelone.com