Headline
CVE-2022-45193: CBRN-Analysis - Unprotected storage of application files | Web Application Security Testing
CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation.
Update to CBRN-Analysis v.22 or newer.
The CBRN-Analysis is an off-the-shelf CBRN Defence Knowledge Management Software Application that provides Knowledge Management, Hazard Prediction, and Warning and Reporting (W&R) capability, supporting the planning and execution of operations.
It’s a fat-client application that executes within a Windows session.
Multiple application files containing application content and user data are stored under the User’s Public Profile where the application is installed.
Any OS user of a server or workstation where the CBRN-Analysis is installed has sufficient privileges to modify the content of the CBRN-Analysis files. This can be used to steal sensitive content (such as a password hash) or to conduct privilege elevation attacks.
Dawid Czarnecki and Jerome Nokin from NATO Cyber Security Centre