Vulnerability can be exploited remotely by a threat actor

Jan 23, 2015 16:30 GMT

A security vulnerability that allows an attacker to execute arbitrary code with SYSTEM privileges has been disclosed in the iPass Open Mobile Windows Client.

The flaw affects versions 2.4.4 and earlier of the program and can be exploited by an authenticated user, including remotely.

An attacker can execute code with system privileges

iPass is a service that offers Internet connectivity across the globe through a network of WiFi hotspots located in hotels, airports and business venues. The service also provides in-flight connectivity.

The aim is to provide Internet access at lower cost than 3G and 4G data plans and without the congestion of a crowded mobile network.

The CERT Coordination Center (CERT/CC) at Carnegie Mellon University issued an advisory about the vulnerability, which is tracked as CVE-2015-0925 and carries a base score of 8.5 under the Common Vulnerability Scoring System (CVSS).

The CERT/CC advisory explains that the affected versions of the client rely on named pipes for interprocess communication between its components.

“One of the subprocesses spawned by the client runs with SYSTEM privileges. An authenticated user can register arbitrary DLL files, including ones located at UNC paths, by sending a specially-crafted unicode string to this subprocess to one of the named pipes. The DllMain function in the specified DLL file will then execute with SYSTEM privileges,” the report informs.
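The pattern the advisory describes, a privileged process loading a DLL from a path supplied by an unprivileged client, is easy to see in code. The following portable C is an added example, not iPass's code and not taken from the CERT/CC or Code White advisories: `vulnerable_pick_dll` stands in for the unsafe handler (on Windows it would be followed by `LoadLibraryW`, which runs the DLL's `DllMain` in the calling process), and `is_safe_dll_path` is the check a hardened handler should apply first, rejecting UNC and device paths, traversal, stream syntax and anything outside one allowed directory. `ALLOWED_DIR`, the function names, the sample messages and the assumption that the pipe reader has already NUL-terminated the received string are all assumptions; the real client's message format is not described on the page.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>
#include <wctype.h>

/* Assumption: the only directory from which the privileged process may load
 * plug-in DLLs. The real client's layout is not described on the page. */
static const wchar_t *const ALLOWED_DIR =
    L"C:\\Program Files\\HypotheticalClient\\Plugins\\";

#define MAX_DLL_PATH 260   /* classic MAX_PATH; anything longer is rejected */

/* \\server\share, //server/share, \\?\UNC\..., \\.\device: all begin with two
 * separators. Any of these lets SYSTEM fetch the DLL over SMB from a host the
 * attacker controls. */
static bool is_unc_or_device_path(const wchar_t *p)
{
    return (p[0] == L'\\' || p[0] == L'/') && (p[1] == L'\\' || p[1] == L'/');
}

/* Case-insensitive prefix test; Windows path comparison is case-insensitive. */
static bool has_prefix_ci(const wchar_t *s, const wchar_t *prefix)
{
    for (; *prefix != L'\0'; s++, prefix++)
        if (*s == L'\0' || towlower((wint_t)*s) != towlower((wint_t)*prefix))
            return false;
    return true;
}

/* True if any backslash-separated component is "." or "..": these could walk
 * out of ALLOWED_DIR even though the prefix check passed. */
static bool has_dot_segment(const wchar_t *p)
{
    while (*p != L'\0') {
        const wchar_t *seg = p;
        while (*p != L'\0' && *p != L'\\')
            p++;
        size_t n = (size_t)(p - seg);
        if ((n == 1 && seg[0] == L'.') ||
            (n == 2 && seg[0] == L'.' && seg[1] == L'.'))
            return true;
        if (*p == L'\\')
            p++;
    }
    return false;
}

/* Hardened check for a DLL path received from an unprivileged client. The
 * caller must already have NUL-terminated the bytes read from the pipe. */
bool is_safe_dll_path(const wchar_t *p)
{
    size_t n = wcslen(p);
    if (n == 0 || n > MAX_DLL_PATH)
        return false;
    if (is_unc_or_device_path(p))
        return false;
    for (size_t i = 0; i < n; i++) {
        wchar_t c = p[i];
        if (c < 0x20 || c == 0x7F)             /* control characters */
            return false;
        if (c == L'/' || c == L'*' || c == L'?' || c == L'"' ||
            c == L'<' || c == L'>' || c == L'|')
            return false;
        if (c == L':' && i != 1)               /* only the drive colon; blocks x.dll:stream */
            return false;
    }
    if (!has_prefix_ci(p, ALLOWED_DIR))
        return false;
    if (has_dot_segment(p))
        return false;
    return n > 4 && has_prefix_ci(p + n - 4, L".dll");
}

/* Vulnerable handler (the pattern the advisory describes): the string from
 * the pipe is used unchanged as the library to load. On Windows this would be
 * followed by LoadLibraryW(path), which runs the DLL's DllMain as SYSTEM. */
const wchar_t *vulnerable_pick_dll(const wchar_t *msg)
{
    return msg;
}

/* Hardened handler: refuse anything that fails the checks above. */
const wchar_t *hardened_pick_dll(const wchar_t *msg)
{
    return is_safe_dll_path(msg) ? msg : NULL;
}

int main(void)
{
    /* Constructed sample messages: the first legitimate, the rest hostile. */
    static const wchar_t *const samples[] = {
        L"C:\\Program Files\\HypotheticalClient\\Plugins\\auth.dll",
        L"\\\\attacker\\share\\evil.dll",
        L"\\\\?\\UNC\\attacker\\share\\evil.dll",
        L"C:\\Program Files\\HypotheticalClient\\Plugins\\..\\..\\..\\Users\\Public\\evil.dll",
        L"C:\\Program Files\\HypotheticalClient\\Plugins\\evil.exe",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-75ls -> %s\n", samples[i],
               hardened_pick_dll(samples[i]) ? "load" : "reject");
    return 0;
}
```

The path check is only half of the fix. The other half, which no string validation can replace, is the pipe's DACL: a named pipe opened by a SYSTEM process should not be writable by every authenticated user, and should be created with `FILE_FLAG_FIRST_PIPE_INSTANCE` and `PIPE_REJECT_REMOTE_CLIENTS` where remote clients are not needed, so that the crafted message never reaches the privileged subprocess in the first place.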

Patch is available in new software version

iPass has addressed the flaw in version 2.4.5 of the client; users of earlier versions should update, as no other workaround is described in the advisory.

The vulnerability was discovered and reported by security researcher Matthias Kaiser, head of the vulnerability research department at Code White GmbH in Germany.

According to information from iPass, the network includes more than 60,000 free, open access hotspots, covers over 78,000 hotel and convention venues, and provides Internet access in at least 800 trains with WiFi support. The company also boasts premium in-flight WiFi in 2,200 planes.

On January 20, the company announced that its global public WiFi network had grown to more than 50 million hotspots, an 80% increase compared with 2013.

iPass also serves the enterprise sector, offering access to more than one million WiFi hotspots worldwide through a single sign-on based on the user's corporate credentials.