### Overview
The software driver for D-Link DWA-117 AC600 MU-MIMO Wi-Fi USB Adapter contains an unquoted service path privilege escalation vulnerability. In certain conditions, this flaw can lead to a local privilege escalation.
### Description
D-Link DWA-117 AC600 MU-MIMO is a Wi-Fi USB adapter that makes Wi-Fi networks accessible over USB. D-Link provides a software driver for the Microsoft Windows operating system that enables proper operation of the device with the operating system. The latest software driver (as of April 19, 2023) was found susceptible to an unquoted service path vulnerability. If certain conditions are met, there is potential for a local privilege escalation that allows an attacker to escalate privileges to a local administrative user.
The following conditions are required to trigger this bug:
* The software is installed in a directory with a space in it. (The default directory settings will work.)
* An unprivileged user has write access to the directory above the folder that contains the space in its name. (Typical default Windows user permissions are sufficient.)
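Both conditions can be checked offline against exported service `ImagePath` values. The following is an added example, not code from this advisory or from D-Link: the service names and paths are constructed samples, and the function names are hypothetical. It flags unquoted paths containing a space, lists the directories whose ACLs need review, and shows the quoted form of the value.

```python
import re
from pathlib import PureWindowsPath

# Constructed ImagePath values for illustration; not taken from the D-Link driver.
SAMPLE_SERVICES = {
    "ExampleWlanSvc": r"C:\Program Files (x86)\Example Vendor\WLAN Utility\wlansvc.exe -service",
    "QuotedSvc": r'"C:\Program Files\Example Vendor\agent.exe" --run',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
}

_EXE = re.compile(r"^(.*?\.exe)(?=\s|$)", re.IGNORECASE)


def split_image_path(image_path):
    """Return (executable, arguments, quoted) for a service ImagePath."""
    s = image_path.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        if end == -1:  # unterminated quote: treat the rest as the path
            return s[1:], "", True
        return s[1:end], s[end + 1:].strip(), True
    m = _EXE.match(s)
    exe = m.group(1) if m else s
    return exe, s[len(exe):].strip(), False


def directories_to_review(exe):
    """Directories above each space-containing path component (condition 2)."""
    dirs = []
    for i, ch in enumerate(exe):
        if ch == " ":
            parent = str(PureWindowsPath(exe[:i]).parent)
            if parent not in dirs:
                dirs.append(parent)
    return dirs


def audit(services):
    """Map each unquoted, space-containing service to its review list and fix."""
    findings = {}
    for name, image_path in services.items():
        exe, args, quoted = split_image_path(image_path)
        if quoted or " " not in exe:
            continue
        findings[name] = {
            "review_acl": directories_to_review(exe),
            "quoted_image_path": f'"{exe}" {args}'.strip(),
        }
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE_SERVICES).items():
        print(name, finding)
```

None of the listed directories should be writable by unprivileged users; quoting the `ImagePath` removes the ambiguity regardless of directory permissions.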
### Impact
An attacker with low-level access can execute code as the system account. The increased privileges allow for access to sensitive files and malicious modifications to the system.
### Solution
D-Link has provided a patch that addresses the issue. Customers should update their driver to the latest version.
### Acknowledgements
Thanks to @L1v1ng0ffTh3L4n for reporting the vulnerability.
This document was written by Kevin Stephens.
### Vendor Information
### D-Link Systems Inc. (Unknown)
Notified: 2023-04-20 Updated: 2023-07-27
**Statement Date: June 16, 2023**
| **VU#813349.1** | Unknown |
|---|---|
#### Vendor Statement
This report doesn’t have the necessary information to trace the issue.
a) I believe it is the DWA-171, but the report mixes DWA-117 and DWA-171.
b) I only have information on DWA-171; the DWA-117 may be a regional product and can only be referenced within the region it was sold. The DWA-117 is not a US available product; regional contacts can be found at https://us.dlink.com/en/change-region
c) There are multiple revisions of DWA-171 and each has different installation applications so it is critical submission to know the device's H/W Revision and version of installation software.
d) Some of the older revisions of this DWA-171 are EOL/EOS, which means they are no longer supported nor under development.
e) Finally we have reports from security professionals that have submitted this issue previously. Mitigation to this issue is currently under development.
f) Recommend contact [email protected] with clear details so we can help our customer address this issue.
Thank You, D-Link US SIRT
#### References
* Fix and report publicly available here: https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10342
### Other Information
| **API URL:** | VINCE JSON \| CSAF |
|---|---|
| **Date Public:** | 2023-07-27 |
| **Date First Published:** | 2023-07-27 |
| **Date Last Updated:** | 2023-07-27 15:17 UTC |
| **Document Revision:** | 1 |