CVE-2019-7588

Опубликовано: 18 июн. 2019

Источник: nvd

CVSS3: 6.7

CVSS3: 7

CVSS2: 6.9

EPSS Низкий

Описание

A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system. This issue does not impact any Windows Server OSs, or Linux deployments with permissions that are not inherited from the root directory. Authorized Users have ‘modify’ permission to the ESM folders, which allows a low privilege account to modify files located in these directories. An executable can be renamed and replaced by a malicious file that could connect back to a bad actor providing system level privileges. A low privileged user is not able to restart the service, but a restart of the system would trigger the execution of the malicious file. This issue affects: Exacq Technologies, Inc. exacqVision Enterprise System Manager (ESM) Version 5.12.2 and prior versions; This issue does not affect: Exacq Techn

Ссылки

https://exacq.com/kb?crc=31399
Mitigation
Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-19-164-01
Third Party Advisory
US Government Resource
https://packetstormsecurity.com/files/151691/exacqvisionesm5122-escalate.txt
Exploit
Third Party Advisory
VDB Entry
https://www.johnsoncontrols.com/-/media/jci/be/united-states/specialty-pages/product-security/files/cpp-psa-2019-01-v2-exacqvision-esm.pdf
Mitigation
Third Party Advisory
https://exacq.com/kb?crc=31399
Mitigation
Vendor Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-19-164-01
Third Party Advisory
US Government Resource
https://packetstormsecurity.com/files/151691/exacqvisionesm5122-escalate.txt
Exploit
Third Party Advisory
VDB Entry
https://www.johnsoncontrols.com/-/media/jci/be/united-states/specialty-pages/product-security/files/cpp-psa-2019-01-v2-exacqvision-esm.pdf
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:exacq:enterprise_system_manager:*:*:*:*:*:*:*:*

Версия до 5.12.2 (включая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00278

Низкий

6.7 Medium

CVSS3

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-276

Связанные уязвимости

GHSA-fvmc-pwj7-rpwh

CVSS3: 7

github

больше 3 лет назад

A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system. This issue does not impact any Windows Server OSs, or Linux deployments with permissions that are not inherited from the root directory. Authorized Users have ?modify? permission to the ESM folders, which allows a low privilege account to modify files located in these directories. An executable can be renamed and replaced by a malicious file that could connect back to a bad actor providing system level privileges. A low privileged user is not able to restart the service, but a restart of the system would trigger the execution of the malicious file. This issue affects: Exacq Technologies, Inc. exacqVision Enterprise System Manager (ESM) Version 5.12.2 and prior versions; This issue does not affect: Exacq Techno...

EPSS

Процентиль: 51%

0.00278

Низкий

6.7 Medium

CVSS3

7 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-276