Vulnerability CVE-2019-12133


Published: 2019-06-18   Modified: 2019-06-19

Description:
Multiple Zoho ManageEngine products are vulnerable to local privilege escalation because of improper permissions on the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. In addition, the services associated with these products attempt to execute binaries such as sc.exe from the current directory at system start. This effectively allows non-privileged users to escalate privileges to NT AUTHORITY\SYSTEM. This affects Desktop Central 10.0.380, EventLog Analyzer 12.0.2, ServiceDesk Plus 10.0.0, SupportCenter Plus 8.1, O365 Manager Plus 4.0, Mobile Device Manager Plus 9.0.0, Patch Connect Plus 9.0.0, Vulnerability Manager Plus 9.0.0, Patch Manager Plus 9.0.0, OpManager 12.3, NetFlow Analyzer 11.0, OpUtils 11.0, Network Configuration Manager 11.0, FireWall 12.0, Key Manager Plus 5.6, Password Manager Pro 9.9, Analytics Plus 1.0, and Browser Security Plus.

Type: CWE-275 (Permission Issues)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score:          7.2/10
Impact Subscore:          10/10
Exploitability Subscore:  3.9/10

Exploit range:            Local
Attack complexity:        Low
Authentication:           Not required
Confidentiality impact:   Complete
Integrity impact:         Complete
Availability impact:      Complete
Affected software
Zohocorp -> Manageengine servicedesk plus 
Zohocorp -> Manageengine analytics plus 
Zohocorp -> Manageengine supportcenter plus 
Zohocorp -> Manageengine browser security plus 
Zohocorp -> Manageengine vulnerability manager plus 
Zohocorp -> Manageengine desktop central 
Zohocorp -> Manageengine eventlog analyzer 
Zohocorp -> Manageengine firewall 
Zohocorp -> Manageengine key manager plus 
Zohocorp -> Manageengine mobile device manager plus 
Zohocorp -> Manageengine netflow analyzer 
Zohocorp -> Manageengine network configuration manager 
Zohocorp -> Manageengine o365 manager plus 
Zohocorp -> Manageengine opmanager 
Zohocorp -> Manageengine oputils 
Zohocorp -> Manageengine password manager pro 
Zohocorp -> Manageengine patch connect plus 
Zohocorp -> Manageengine patch manager plus 

References:
https://github.com/active-labs/Advisories/blob/master/ACTIVE-2019-007.md
https://www.manageengine.com/products/desktop-central/elevation-of-privilege-vulnerability.html

Copyright 2021, cxsecurity.com