CVE-2023-31468: Inosoft VisiWin 7 2022-2.1 Insecure Permissions

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The “%PROGRAMFILES(X86)%\INOSOFT GmbH” folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM.

# Exploit Title: Inosoft VisiWin 7 2022-2.1 - Insecure Folders Permissions Privilege Escalation
# Date: 2023-08-09
# Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia
# Vendor Homepage: https://www.inosoft.com/
# Version: Up to 2022-2.1 (Runtime RT7.3 RC3 20221209.5)
# Tested on: Windows
# CVE: CVE-2023-31468

Inosoft VisiWin is a completely open system with a configurable range of functions. It combines all features of classic HMI software with unlimited programming possibilities.

The installation of the solution creates an insecure folder, which could allow a malicious user to manipulate file content or change legitimate files (e.g., VisiWin7.Server.Manager.exe, which runs with SYSTEM privileges) to compromise a system or to gain elevated privileges.

This is the list of insecure files and folders with their respective permissions:

C:\>icacls "C:\Program Files (x86)\INOSOFT GmbH"
C:\Program Files (x86)\INOSOFT GmbH BUILTIN\Administrators:(OI)(CI)(F)
                                    Everyone:(OI)(CI)(F)
                                    NT AUTHORITY\SYSTEM:(OI)(CI)(F)

Successfully processed 1 files; Failed processing 0 files

C:\>

--------------------------------------------------------------------------------

C:\>icacls "C:\Program Files (x86)\INOSOFT GmbH\VisiWin7\Runtime\VisiWin7.Server.Manager.exe"
C:\Program Files (x86)\INOSOFT GmbH\VisiWin 7\Runtime\VisiWin7.Server.Manager.exe BUILTIN\Administrators:(I)(F)
                                                                                  Everyone:(I)(F)
                                                                                  NT AUTHORITY\SYSTEM:(I)(F)

Successfully processed 1 files; Failed processing 0 files

C:\>
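A defender-side check for the condition shown in the icacls output above, as an added example that is not part of the original advisory or any vendor tooling: it parses icacls output and flags allow ACEs that give broad groups write-capable rights. The function name, the list of broad principals and the "hardened" ACL are assumptions, and both sample ACLs are constructed (the first from the output on this page).

```python
import re

# Assumption: principals treated as "any local user" for this check.
BROAD = ("Everyone", r"BUILTIN\Users", r"NT AUTHORITY\Authenticated Users",
         r"NT AUTHORITY\INTERACTIVE")
# icacls rights that let a holder replace or plant a file: full, modify, write,
# generic all/write, add file, add subdirectory, delete child, change ACL, take ownership.
WRITE_RIGHTS = {"F", "M", "W", "GA", "GW", "WD", "AD", "DC", "WDAC", "WO"}
INHERIT_FLAGS = {"OI", "CI", "IO", "NP", "I"}  # inheritance markers, not rights

ACE_RE = re.compile(
    "(" + "|".join(re.escape(p) for p in BROAD) + r"):((?:\([^)]*\))+)",
    re.IGNORECASE)

def weak_aces(icacls_output):
    """Return [(principal, [write rights])] for allow ACEs held by broad groups."""
    findings = []
    for m in ACE_RE.finditer(icacls_output):
        groups = re.findall(r"\(([^)]*)\)", m.group(2))
        if "DENY" in groups:          # deny ACEs restrict access, skip them
            continue
        rights = set()
        for g in groups:
            if g not in INHERIT_FLAGS:
                rights.update(r.strip() for r in g.split(","))
        risky = sorted(rights & WRITE_RIGHTS)
        if risky:
            findings.append((m.group(1), risky))
    return findings

# Constructed sample: the folder ACL as reported in the advisory output above.
REPORTED = r"""C:\Program Files (x86)\INOSOFT GmbH BUILTIN\Administrators:(OI)(CI)(F)
                                    Everyone:(OI)(CI)(F)
                                    NT AUTHORITY\SYSTEM:(OI)(CI)(F)"""

# Constructed sample: an assumed corrected ACL (not the vendor's actual fix).
HARDENED = r"""C:\Program Files (x86)\INOSOFT GmbH BUILTIN\Administrators:(OI)(CI)(F)
                                    BUILTIN\Users:(OI)(CI)(RX)
                                    NT AUTHORITY\SYSTEM:(OI)(CI)(F)"""

if __name__ == "__main__":
    for name, acl in (("reported", REPORTED), ("hardened", HARDENED)):
        print(name, weak_aces(acl) or "no broad write access")
```

Feeding it the output of `icacls <path> /T` for a service's install directory covers the inherited `(I)(F)` entries on individual binaries as well as the folder itself.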
