Share: Email | Twitter

ID

VDE-2024-053

Published

2024-09-03 10:00 (CEST)

Last update

2024-09-02 11:54 (CEST)

Vendor(s)

Lenze SE

Product(s)

Article No° Product Name Affected Version(s)
EASY UI Designer < 1.6.0
VisiWinNET Professional all
VisiWinNET Smart all

Summary

The following tools:

  • VisiWinNET Smart
  • VisiWinNET Professional
  • EASY UI Designer

create a directory with insufficient permissions, allowing a low-level user the ability to add and modify certain files that hold SYSTEM privileges, which could lead to privilege escalation.


Last Update:

23. August 2024 11:49

Weakness

Incorrect Default Permissions  (CWE-276) 

Summary

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The "%PROGRAMFILES(X86)%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version.


Impact

The vulnerability allows a low-level user to escalate privileges to SYSTEM, which could lead to full system compromise.

Solution

Mitigation

Only use this tool in a protected and controlled environment to minimize network impact and to ensure that the tool is inaccessable from outside. In addition, the use of firewalls is recommended to reduce the attack surface, specially to the internet and the internal business network.

Remediation

Lenze has released version 1.6.1 of the EASY UI Designer tool, which fixes the identified security vulnerability. The other two tools are no longer recommended for new applications and are being prepared for discontinuation.

Reported by

CERT@VDE coordinated with Lenze