If you’re using an old version of Techsmith Snagit, you should know ‘local privilege escalation through insecure file move’ vulnerability exists in its Relay Classic Recorder. To fix the vulnerability, either you need to update Snagit or disable Techsmith Uploader.
While the vulnerability CVE-2019-13382 has been acknowledged and fixed by Techsmith in the last year 2019, we came to know about it through update notification from “Snagit 13.1.5” recently, which is also affected.
Here are the vulnerability details
UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid presentation file in %PROGRAMDATA%\TechSmith\TechSmith Recorder\QueuedPresentations and then creating a symbolic link in %PROGRAMDATA%\Techsmith\TechSmith Recorder\InvalidPresentations that points to an arbitrary folder with an arbitrary file name. TechSmith Relay Classic Recorder prior to 5.2.1 on Windows is vulnerable. The vulnerability was introduced in SnagIT Windows 12.4.1.
- Snagit 2019.1.3 (or later)
- Snagit 2018.2.4
- Snagit 13.1.7
Disabling Techsmith Uploader Service
1. Run the following command in Run dialog or Windows Explorer
C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader
2. Right-click on “UnInstallAndRemoveUploader.cmd” file and select Run as Administrator
3. The service will be stopped and removed from your computer.
It’s worth noting that the current Snagit 2020 version is bloated with OCR and other unwanted features.
If you don’t want to update Snagit, Uninstalling Techsmith Uploader Service is the right thing to do to protect your device.