Responsible Disclosure – Security Vulnerability in Accops USB Redirection Driver

Accops
December 7, 2021
4:00 pm

Overview
A local privilege escalation vulnerability in Accops products for Windows OS was recently discovered and responsibly disclosed to Accops. It was reported by SentinelOne, which is a reputed global cybersecurity company. The vulnerability has been fixed in Accops products.

The vulnerability affects customers who use Accops Virtual Desktop products only, more specifically described below.

The remediation prevented local users from executing arbitrary code with administrator privileges. There is no evidence that the vulnerability has been exploited and to our knowledge, no customer is impacted.

Applies to the following Accops product(s) and version(s)
• Accops HyWorks Client version 3.2.8.180 or prior, for Windows with built-in USB redirection
• Accops HyWorks DVM Tools version 3.3.1.102 or prior, for Windows 7/8/10 based Virtual Desktops

Detection & remediation
• The HyWorks Client endpoint can be checked for any affect due to the vulnerability and fixed, if needed, by
running a utility provided by Accops
• The fix is included in HyWorks Client version 3.2.8.200, released August 21, 2021
• The fix is included in HyWorks DVM Tools version 3.3.1.105, released as part of HyWorks version 3.3 – R3 on
October 14, 2021

Detailed remediation document
We have published a detailed document providing steps to remediate the vulnerability.

Vulnerability CVE IDs given below

CVE-2021-42688	An Integer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22005B in the Accops HyWorks Windows Client prior to v 3.2.8.200 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42687	A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22005B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42686	An Integer Overflow exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B in the Accops HyWorks Windows Client prior to v 3.2.8.200 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42685	An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105 . The IOCTL Handler 0x22005B in the Accops HyWorks DVM Tools prior to v3.3.1.105 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42683	A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42682	An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105 .The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
CVE-2021-42681	A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.

Search results for “Accops” at the official CVE website.