IObit Uninstaller 8.0.2.19 – Unquoted Service Path Privilege Escalation

The application is suffering from an unlisted search path problem that affects the ‘IObitUnSvr’ service for Windows. This could potentially allow an authorized but unprivileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to insert their code into the system root path that was not detected by the operating system or other security applications where it could be run when the application is started or restarted. If successful, the code for the local user will run with the elevated privileges of the application.

Product & Service Introduction:
===============================

IObit Uninstaller is a tool for uninstalling recalcitrant software and removing malware that can give your PC a second life.

(Copy of the Vendor Homepage: https://www.iobit.com/)

Date of Discovery:
==================

2018-09-25

Exploitation Technique:
=======================

Local

Platfom Tested:
===============

Windows 7

Levels Risk :

Proof of Concept (PoC):
=======================

For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

--- PoC Privileges Access Logs ---
[SC] QueryServiceConfig réussite(s)

SERVICE_NAME: IObitUnSvr
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 0   IGNORE
        BINARY_PATH_NAME   : C:\Program Files\IObit\IObit Uninstaller\IUService.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : IObit Uninstaller Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

Soyez le premier à commenter

Poster un Commentaire

Votre adresse de messagerie ne sera pas publiée.


*