VideoLAN, the organization behind the popular VLC Media Player, has disclosed multiple critical vulnerabilities that could allow attackers to execute arbitrary code remotely. These vulnerabilities affect both the desktop and iOS versions of the software.
The security advisories, identified as SB-VLC3021 and SB-VLC-iOS359, outline several flaws malicious actors could exploit.
SB-VLC3021: Desktop Version Vulnerabilities
The vulnerability, which involves a potential integer overflow, can be triggered by a maliciously crafted MMS stream, leading to a heap-based overflow.
If successfully exploited, this vulnerability could allow a malicious third party to cause VLC Media Player to crash or execute arbitrary code with the privileges of the target user.
While the primary consequence is likely to be a crash, the vulnerability could be combined with other exploits to leak user information or execute code remotely.
Although Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) help mitigate the risk of code execution, these protections can potentially be bypassed.
Exploiting this vulnerability requires the user to open a maliciously crafted MMS stream explicitly. Users are strongly advised to avoid opening MMS streams from untrusted sources or to disable the VLC browser plugins until a patch is applied.
Workarounds
- Avoid Untrusted MMS Streams: Users should refrain from opening MMS streams from untrusted third parties.
- Disable VLC Browser Plugins: As an additional precaution, users can disable the VLC browser plugins to prevent potential exploitation.
The VLC development team has addressed this issue in VLC Media Player version 3.0.21. Users are urged to update to this latest version to protect against the vulnerability.
With ANYRUN You can Analyze any URL, Files & Email for Malicious Activity : Start your Analysis
SB-VLC-iOS359: iOS Version Vulnerabilities
A popular application’s WiFi file-sharing feature has identified a potential path traversal vulnerability. This vulnerability could allow malicious parties on the local network to upload arbitrary data to storage locations invisible to the user within the application context.
This vulnerability could lead to a denial-of-service (DoS) condition on the affected device due to exceeded storage space or arbitrary data.
It is important to note that no read access by third parties and no write access outside the application container are possible. To date, no exploits have been reported for this vulnerability.
Affected Platforms
- The vulnerability affects the iOS version of the application.
- The tvOS port of the app is not affected.
Exploiting this issue requires the user to explicitly start WiFi File Sharing on a local network with potential malicious actors.
VLC-iOS version 3.5.9 addresses the issue. Users are strongly encouraged to update to this version to protect their devices from this vulnerability.
How to Update VLC Media Player
To ensure your VLC Media Player is secure, follow these steps to update:
- Open VLC Media Player.
- Go to “Help” > “Check for Updates.”
- Follow the prompts to download and install the latest version.
- Open the App Store on your iOS device.
- Search for VLC Media Player.
- Tap “Update” if an update is available.
To date, no exploits have been observed performing code execution through this vulnerability. However, the potential risk remains significant, and users are advised to take precautionary measures.
Looking for Full Data Breach Protection? Try Cynet's All-in-One Cybersecurity Platform for MSPs: Try Free Demo