Most users familiar with IT, gaming, virtualization, and disc imaging software are bound to have used Disc Soft Ltd Daemons’ Daemon Tools product suite at some point. The software is revolutionary in that it allows users to create ‘virtual drives’ or ‘clones’ that can be mounted and unmounted without the need for a physical component. Users are able to create ‘image’ files (like those that are used for a system backup) and add as many virtual drives as they want. Image files can be anything from a virtual audio CD to a data image like a PC game disc. Virtual images can be created from physical discs and ’emulated’ as well as shared and converted to other formats. The technology was very popular in the early and late 2000s when transferring physical discs to virtual ‘ISO’ files was trendy, but today Daemon Tools is used for other purposes and both Windows and macOS can natively process image files by default without the need for supplementary software.
Software that uses virtualization technology like offerings from VMware can also be susceptible to vulnerabilities or bugs, just like any other software can. Daemon has been known to have issues with malware and spyware in the past, especially the free versions. This time, public information was released about a critical vulnerability in Disc Soft Ltd Daemon‘s Daemon Tools Pro product.
The Daemon Tools Pro Vulnerability
Security researcher Piotr Bania at Cisco Talos Intelligence discovered a security flaw in Daemon Tools. Cisco Talos released a vulnerability report on August 17th, 2021 concerning a critical vulnerability in the Daemon Tools Pro product. The software vulnerability, if unpatched, can lead to the full compromise of a vulnerable system.
The critical vulnerability has been ascribed CVE ID code CVE-2021-21832. It is a high-risk integer overflow vulnerability in the feature functionality that scores an 8.1 on the CVSS scale. If successfully exploited, a remote attacker (hacker) is able to execute arbitrary code on the target system. An attacker can compromise a vulnerable system by crafting data and triggering integer overflow thereby being able to execute code on a targetted system. Due to this ISO Parsing memory corruption vulnerability, an attacker may be able to trigger an out-of-bounds write by providing a malicious file.
Vulnerable Software Versions
Users should know that Daemon Tools Pro: 8.3.0.0767 is vulnerable to the above flaw.
The Current Situation
It is important for users to know that, as it stands, there is no patch (update) available for this vulnerability. It is unclear whether this vulnerability has been exploited in the wild, but users should watch for a software update from Disc Soft Ltd Daemon as well as check for any automatic update notifications.