Rufus has Local Privilege Escalation via TOCTOU Race Condition in Fido Script Handling

Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condition (TOCTOU) in src/net.c during the creation, validation, and execution of the Fido PowerShell script. Since Rufus runs with elevated privileges (Administrator) but writes the script to the %TEMP% directory (writeable by standard users) without locking the file, a local attacker can replace the legitimate script with a malicious one between the file write operation and the execution step. This allows arbitrary code execution with Administrator privileges. This issue has been fixed in version 4.12_BETA.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

检查时间与使用时间(TOCTOU)的竞争条件

Rufus 安全漏洞

Rufus是Pete Batard个人开发者的一个可靠的 USB 格式化工具。 Rufus 4.11及之前版本存在安全漏洞，该漏洞源于在创建、验证和执行Fido PowerShell脚本期间存在竞争条件，可能导致以管理员权限执行任意代码。

N/A

N/A