Tenable Research has discovered three vulnerabilities in Plex Media Server. The vulnerabilities discovered
can easily allow the attackers to gain unlimited access to their operating system through phishing and get access to the private media albums.
The Plex application gained a major market in this lockdown situation when people have been forced to stay indoors to ensure safety. This application an alternative of Netflix allows the users to stream their own media and share personal libraries among friends. Exploiting all the three vulnerabilities together an attacker can easily gain access to the operating system and access any file, pivot to other machines on the network or install backdoors. The exploiter can also access the personal videos and pictures on the user’s server and then also access the underlying operating system.
Tenable has published plugins to detect vulnerabilities on the Plex Media Server. A small account of each vulnerability is given below :
- CVE-2020-5742 – In Plex the users are given a link to access someone else’s media. They potentially can’t determine whether they are logging into their own server or the attacker’s. The user can’t distinguish whether it’s a phishing link or a genuine link. The attacker can send phishing links to the user and access the server and download albums such as private photo album.
- CVE-2020-5741 – After exploiting the previous vulnerability, the attacker can remotely execute an arbitrary code on a Windows machine to gain the similar access privileges as the server, and install backdoors in the system.
- CVE-2020-5740 – The attackers can also increase their privileges which will help them gain unlimited access to the underlying Windows operating system to access any files.
