Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2019-7588
PUBLISHED
More InfoOfficial Page
Assigner-jci
Assigner Org ID-7281d04a-a537-43df-bfb4-fa4110af9d01
View Known Exploited Vulnerability (KEV) details
Published At-18 Jun, 2019 | 13:23
Updated At-16 Sep, 2024 | 18:13
Rejected At-
▼CVE Numbering Authority (CNA)
exacqVision Enterprise System Manager (ESM) privilege escalation

A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system. This issue does not impact any Windows Server OSs, or Linux deployments with permissions that are not inherited from the root directory. Authorized Users have ‘modify’ permission to the ESM folders, which allows a low privilege account to modify files located in these directories. An executable can be renamed and replaced by a malicious file that could connect back to a bad actor providing system level privileges. A low privileged user is not able to restart the service, but a restart of the system would trigger the execution of the malicious file. This issue affects: Exacq Technologies, Inc. exacqVision Enterprise System Manager (ESM) Version 5.12.2 and prior versions; This issue does not affect: Exacq Technologies, Inc. exacqVision Enterprise System Manager (ESM) 19.03 and above.

Affected Products
Vendor
Exacq Technologies, Inc.
Product
exacqVision Enterprise System Manager (ESM)
Versions
Affected
  • From 1.x through 5.12.2 (custom)
  • From 2.x through 5.12.2 (custom)
  • From 3.x through 5.12.2 (custom)
  • From 4.x through 5.12.2 (custom)
  • From 5.x through 5.12.2 (custom)
Unaffected
  • From 19.03 before 19.03* (custom)
Problem Types
TypeCWE IDDescription
textN/AThe exacqVision Enterprise System Manager (ESM) privilege escalation vulnerability is possible due to insecure file permission in the Windows operating system.
Type: text
CWE ID: N/A
Description: The exacqVision Enterprise System Manager (ESM) privilege escalation vulnerability is possible due to insecure file permission in the Windows operating system.
Metrics
VersionBase scoreBase severityVector
3.06.7MEDIUM
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.0
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

KB mitigation ( https://exacq.com/kb?crc=31399 ) or Upgrade to version 19.03 or beyond.

Configurations

Windows operating system with exacqVision ESM version 5.12.2 or prior installed.

Workarounds

(Windows 10) Change file permissions for install location of exacqVision ESM. In the Properties of the installation folder Security tab > Advanced Select Disable inheritance Select Convert Select ‘Authorized Users’ or ‘Users’ that have ‘Special’ or ‘Modify’ access and remove.

Exploits

Replace system level executable with malicious file; trigger system restart.

Credits
@bzyo_
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://ics-cert.us-cert.gov/advisories/ICSA-19-164-01
x_refsource_MISC
https://packetstormsecurity.com/files/151691/exacqvisionesm5122-escalate.txt
x_refsource_MISC
https://exacq.com/kb?crc=31399
x_refsource_CONFIRM
https://www.johnsoncontrols.com/-/media/jci/be/united-states/specialty-pages/product-security/files/cpp-psa-2019-01-v2-exacqvision-esm.pdf
x_refsource_CONFIRM
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-19-164-01
Resource:
x_refsource_MISC
Hyperlink: https://packetstormsecurity.com/files/151691/exacqvisionesm5122-escalate.txt
Resource:
x_refsource_MISC
Hyperlink: https://exacq.com/kb?crc=31399
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.johnsoncontrols.com/-/media/jci/be/united-states/specialty-pages/product-security/files/cpp-psa-2019-01-v2-exacqvision-esm.pdf
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://ics-cert.us-cert.gov/advisories/ICSA-19-164-01
x_refsource_MISC
x_transferred
https://packetstormsecurity.com/files/151691/exacqvisionesm5122-escalate.txt
x_refsource_MISC
x_transferred
https://exacq.com/kb?crc=31399
x_refsource_CONFIRM
x_transferred
https://www.johnsoncontrols.com/-/media/jci/be/united-states/specialty-pages/product-security/files/cpp-psa-2019-01-v2-exacqvision-esm.pdf
x_refsource_CONFIRM
x_transferred
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-19-164-01
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://packetstormsecurity.com/files/151691/exacqvisionesm5122-escalate.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://exacq.com/kb?crc=31399
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.johnsoncontrols.com/-/media/jci/be/united-states/specialty-pages/product-security/files/cpp-psa-2019-01-v2-exacqvision-esm.pdf
Resource:
x_refsource_CONFIRM
x_transferred
Details not found