← Advisories

Epic Games Fortnite 4.2-CL-4072250 Insecure File Permissions

Medium

Advisory ID

ZSL-2018-5469

Release Date

21 May 2018

Vendor

Epic Games, Inc. - https://www.epicgames.com

Affected Version

4.2-CL-4072250, 4.1-CL-4053532, 4.0-CL-4039451

CVE

N/A

Tested On

Microsoft Windows 10 Home

Summary

Fortnite is a co-op sandbox survival game developed by Epic Games and People Can Fly and published by Epic Games. The game was released as a paid-for early access title for Microsoft Windows, macOS, PlayStation 4 and Xbox One on July 25, 2017, with a full free-to-play release expected in 2018. The retail versions of the game were published by Gearbox Publishing, while online distribution of the PC versions is handled by Epic's launcher.

Description

Fortnite suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'C' flag (Change) for 'Authenticated Users' group.

Proof of Concept

fortnite_eop.txtTXT

Disclosure Timeline

10.04.2018Vulnerability discovered.

09.05.2018Vendor contacted.

11.05.2018Vendor replied confirming message received.

20.05.2018No response from the vendor.

21.05.2018Public security advisory released.

Credits

Vulnerability discovered by Gjoko Krstic

References

[1]https://exchange.xforce.ibmcloud.com/vulnerabilities/143688

[2]https://packetstormsecurity.com/files/147804

[3]https://cxsecurity.com/issue/WLB-2018050178

Changelog

21.05.2018Initial release

29.05.2018Added reference [1], [2] and [3]