# Exploit Title: Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Privilege Escalation
# Date: 2023-08-09
# Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia
# Vendor Homepage: https://www.inosoft.com/
# Version: Up to 2022-2.1 (Runtime RT7.3 RC3 20221209.5)
# Tested on: Windows
# CVE: CVE-2023-31468

Inosoft VisiWin is a completely open system with a configurable range of
functions. It combines all features of classic HMI software with
unlimited programming possibilities.

Installing the product creates folders with insecure permissions, which
could allow a malicious user to manipulate file content or change
legitimate files (e.g., VisiWin7.Server.Manager.exe, which runs with
SYSTEM privileges) to compromise a system or to gain elevated
privileges.

This is the list of insecure files and folders with their respective
permissions:

C:\>icacls "C:\Program Files (x86)\INOSOFT GmbH"
C:\Program Files (x86)\INOSOFT GmbH BUILTIN\Administrators:(OI)(CI)(F)
                                    Everyone:(OI)(CI)(F)
                                    NT AUTHORITY\SYSTEM:(OI)(CI)(F)

Successfully processed 1 files; Failed processing 0 files

C:\>

--------------------------------------------------------------------------------

C:\>icacls "C:\Program Files (x86)\INOSOFT GmbH\VisiWin7\Runtime\VisiWin7.Server.Manager.exe"
C:\Program Files (x86)\INOSOFT GmbH\VisiWin 7\Runtime\VisiWin7.Server.Manager.exe BUILTIN\Administrators:(I)(F)
                                                                                  Everyone:(I)(F)
                                                                                  NT AUTHORITY\SYSTEM:(I)(F)

Successfully processed 1 files; Failed processing 0 files

C:\>
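
The following audit check is an added example, not part of the original advisory or of the vendor's software: it parses icacls output such as the listings above and reports ACEs that give broad principals write-capable rights, noting whether each is inherited or set explicitly. The function names and the BROAD principal list are assumptions of this example; the sample input is the two listings from the advisory.

```python
import re

# Principals that cover ordinary, unprivileged users (assumed list, extend per site).
BROAD = {"everyone", "builtin\\users", "nt authority\\authenticated users"}
# icacls rights that allow changing, replacing or re-ACLing an object.
WRITE = {"F", "M", "W", "D", "WD", "AD", "DE", "DC", "WDAC", "WO", "GW", "GA"}
ACE = re.compile(r"^(?P<who>[^:]+):(?P<groups>(?:\([A-Za-z,]+\))+)$")

def parse_aces(path, listing):
    """Return [(principal, flags, rights)] from the icacls output for `path`."""
    aces = []
    for line in listing.splitlines():
        line = line.strip()
        if line.startswith(path):            # first ACE shares a line with the path
            line = line[len(path):].strip()
        m = ACE.match(line)
        if m:                                # prompt, summary and blank lines do not match
            groups = re.findall(r"\(([^)]+)\)", m["groups"])
            aces.append((m["who"], set(groups[:-1]), set(groups[-1].split(","))))
    return aces

def risky_aces(path, listing):
    """ACEs that let a broad principal modify `path`: (who, rights, origin)."""
    found = []
    for who, flags, rights in parse_aces(path, listing):
        hit = rights & WRITE
        if hit and "DENY" not in flags and who.lower() in BROAD:
            found.append((who, sorted(hit), "inherited" if "I" in flags else "explicit"))
    return found

# Sample input: the two listings shown in the advisory (EXE path as printed by icacls).
DIR = r"C:\Program Files (x86)\INOSOFT GmbH"
DIR_LISTING = r"""C:\>icacls "C:\Program Files (x86)\INOSOFT GmbH"
C:\Program Files (x86)\INOSOFT GmbH BUILTIN\Administrators:(OI)(CI)(F)
                                    Everyone:(OI)(CI)(F)
                                    NT AUTHORITY\SYSTEM:(OI)(CI)(F)
Successfully processed 1 files; Failed processing 0 files
"""
EXE = DIR + r"\VisiWin 7\Runtime\VisiWin7.Server.Manager.exe"
EXE_LISTING = EXE + r""" BUILTIN\Administrators:(I)(F)
    Everyone:(I)(F)
    NT AUTHORITY\SYSTEM:(I)(F)
"""

if __name__ == "__main__":
    for p, text in ((DIR, DIR_LISTING), (EXE, EXE_LISTING)):
        print(p, "->", risky_aces(p, text) or "no broad write access")
```

The executable's grant is reported as inherited and the folder's as explicit, so the ACL to correct is the one on the installation folder.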