Release date: 2 December 2021
- The UiPath Assistant desktop application registers a URI handler so that users can open it from specific links present in web applications. This functionality is used for sign-in, notifications, and error messages.
- An issue was fixed in one command line parameter, the name of the process, which was reflected in the user interface of Assistant. The functionality allowed users to see the name of the process that encountered an error; however, a malicious web page opening the desktop application could supply arbitrary text, which was then displayed in the user interface of the Assistant.
- A separate issue was fixed in one command line parameter identifying a widget. The functionality allowed users to develop and run Assistant widgets from the command line; however, it was possible for a malicious web page opening the desktop application to inject a remote file location of a widget using a network share.
- The issues are not directly exploitable. They require opening a malicious link and confirming the browser dialog that asks the user to open a custom link with UiPath Assistant.
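Both issues come from treating values delivered through the URI handler as trusted. The following is an added example, not UiPath's code or its actual fix: one way a desktop application can validate such values before using them. The scheme `exampleapp:`, the parameter names `processName` and `widget`, the process list and the widget folder are all assumptions made for illustration.

```javascript
// Added example: scheme, parameter names and sample data are hypothetical.
const SCHEME = 'exampleapp:';
const KNOWN_PROCESSES = new Set(['Invoice Processing', 'Daily Report']); // constructed
const WIDGET_ROOT = 'C:\\Widgets'; // assumed local widget development folder

// Show a process name only if it matches a process the application already
// knows about; text carried by the link is never displayed verbatim.
function safeProcessName(raw) {
  if (typeof raw !== 'string') return null;
  const name = raw.normalize('NFKC').trim();
  return KNOWN_PROCESSES.has(name) ? name : null;
}

// Accept a widget location only if it is a local path under WIDGET_ROOT.
function safeWidgetPath(raw) {
  if (typeof raw !== 'string' || raw.length === 0) return null;
  const p = raw.replace(/\//g, '\\');
  // Network shares (\\host\share), \\?\ device forms and drive-less rooted paths.
  if (p.startsWith('\\')) return null;
  const hasDrive = /^[a-z]:\\/i.test(p);
  // Any other colon means a URL scheme (file:, smb:, http:) or a stream name.
  if ((hasDrive ? p.slice(2) : p).includes(':')) return null;
  // No climbing out of the widget folder.
  if (p.split('\\').includes('..')) return null;
  const full = hasDrive ? p : WIDGET_ROOT + '\\' + p;
  return full.toLowerCase().startsWith(WIDGET_ROOT.toLowerCase() + '\\') ? full : null;
}

// Parse a link handed over by the browser and return only validated values.
function parseLaunchLink(link) {
  let url;
  try { url = new URL(link); } catch { return null; }
  if (url.protocol !== SCHEME) return null;
  return {
    processName: safeProcessName(url.searchParams.get('processName')),
    widget: safeWidgetPath(url.searchParams.get('widget')),
  };
}
```

A `null` field means the value was rejected; the caller falls back to a generic message or refuses to load the widget.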
Additional information on the updates described above can be found at the following links:
Erratum 16 December 2021: added links to the UiPath Trust Portal advisory for these issues.