HMS eCatcher CVE-2021-33214: Local Privilege Escalation via Insecure Filesystem Permissions

eCatcher Desktop, Version 6.6.4 Advisory Severity: Medium Medium Risk Level Impact Weak filesystem permissions could allow malicious users to access files that could lead to sensitive information disclosure, modification of configuration files, or disruption of normal system operation. Affected Vendor Product Description eCatcher is a remote access software that allows remote management of devices within a highly secure environment. The project's official website is https://www.ewon.biz/technical-support/pages/talk2m/talk2m-tools/talk2m-ecatcher. The latest version of the application is 6.7.3, released on July 7, 2021. Vulnerabilities List One vulnerability was identified within the eCatcher Desktop application: INSECURE FILESYSTEM PERMISSIONS: The vulnerabilities are described in the sections below. Solution Update to version 6.7.3. Vulnerabilities INSECURE FILESYSTEM PERMISSIONS Description: Files and directories for the eCatcher Talk2MVpnService service have permissions that do not properly enforce access controls. For example, sensitive configuration files are marked as world-writable. Since this service runs under the NT Authority\\SYSTEM user, excessive permissions could lead to privilege escalation on the server. Directory Permissions: Timeline 04/19/2021: Initial discovery 04/30/2021: Contact with vendor 05/12/2021: Vendor acknowledged vulnerabilities 07/07/2021: Vendor released patched version 6.7.3

Goal Reached Thanks to every supporter — we hit 100%!

HMS eCatcher CVE-2021-33214: Local Privilege Escalation via Insecure Filesystem Permissions