According to the researchers at Bishop Fox who discovered the flaw, if hackers exploit a file vsystem permissions vulnerability recently discovered in the Ewon eCatcher Desktop app, they could access files that would allow them to disclose sensitive information, modify configuration files, or disrupt normal system operation. A flaw in the eCatcher desktop software could provide attackers access is concerning given that enterprises utilise eCatcher to remotely manage devices in highly protected environments.
“Permissions on files and directories for the eCatcher Talk2MVpnService service do not effectively enforce access controls. Sensitive configuration files, for example, are designated as world-writable,” the researchers stated in an alert. “Because this service is run by the NT Authority SYSTEM user, these excessive permissions may result in privilege escalation on the server.”
Users have “full read/write rights over the directory,” which is used to “temporarily write Open VPN configuration files,” according to Bishop Fox, which means “a user or malware on the system that successfully replaces it could perform privilege escalation when the It is read by the privileged openvpn process. “When a VPN connection is established, the Talk2MVpn Service service recreates the configuration file and prepends the filename with a random UUID, making it unpredictable,” they explained. “As a result, the attack window for exploitation was around 15 ms, making the working exploit untrustworthy.”
While “it is difficult to exploit this race condition,” Priyank Nigam, senior security expert at Bishop Fox, pointed out that if it was, “it would lead to privilege escalation on a Windows machine.” An attacker can then pivot inside the company’s network (lateral movement).”
“In the post-Kaseya era, it’s easy to look at this vulnerability for a remote management tool and conclude this could be Kaseya 2.0, but that’s incorrect for two reasons,” said AJ King, CISO of BreachQuest.
“First, because eCatcher has a very modest market share (orders of magnitude smaller than Kaseya), the exposed population is much smaller. Second, this is a vulnerability that can only be exploited locally,” he explained. “The Kaseya vulnerability enables threat actors to acquire remote access to systems, whereas the eCatcher vulnerability only allows for local privilege escalation.” So, in order for it to be triggered, a “threat actor” must already be present on the machine. This is the type of vulnerability that is really straightforward to find,” King explained.
Yaniv Bar-Dayan, CEO and co-founder of Vulcan Cyber, agreed that the vulnerability is “very obscure” and would necessitate a number of stars aligning before it could be exploited. ”Nonetheless, the weakness is troubling. “The stars have aligned for less, but it has resulted in more. Depending on a few conditions, it could do major damage to enterprises that use eCatcher Desktop,” stated Bar-Dayan.
“Vulnerabilities like CVE-2021-33214 will not garner a lot of attention on their own, but this is why vulnerability management programmes must work to prioritise threats specific to their business using IT asset data, threat intelligence, vulnerability severity, and, most importantly, multi-input risk modelling and analysis to identify specific risk to a specific business or business unit,” he explained.
“From a security standpoint, these crucial components are largely unaudited. This is an industrial VPN equipment, for example, and there are many more like it,” Nigam explained. “A motivated attacker may expend more effort to construct a better vulnerability than just a proof of concept.”
Why Choose Indian Cyber Security Solutions (ICSS) ?
Indian Cyber Security Solutions is one of best institute of India among other institute in India. ICSS offer as CEHv11 Courses in India as well as kali Linux. ICSS has won as many award for giving the online training as well as offline training. Its way of giving the training is unique which is easily adapted by the student as well as the professional. Due to way how ICSS trained the student it has got as many award some of award are Tech Brand of 2020, Ten most trusting cyber security certification provider 2021 and many more.
Among the many Ethical Hacking course in India, Indian Cyber Security Solutions would be the right for you to join. We have the right set of practical lab classes set up for students to learn as well as industry grade trainers who would conduct the classes and impart the right set of Cyber Security Knowledge to students. Our efforts have been acknowledged by various reputed administrative institutes, such as "Top Ten Training Institutes in India in 2020” by Silicon India; as well as Ten Most Trusted Training & Cyber Security Certifications Provider, 2021 by The Knowledge Review.
We not only provide ethical hacking course, but also Machine learning, Java Programming, AWS Cloud Computing, Microsoft Azure, OSCP, CISSP, Networking and more. As these encompasses Cyber Security, we make sure that we provide a 360 view of Cyber Security courses.
As an Education Institute, we are also cyber security service provider to corporate organization. Services like VAPT, Web Penetration Testing, Network Penetration Testing, Mobile Application Penetration Testing to corporate organization like IRCTC, HDFC, Cambridge Technologies, and many more. With this, Indian Cyber Security Solutions have been acknowledged as the 20 Tech Brands of 2021. by Business Connect India.
Our Cyber Security Services
Cyber Security is extremely important for every organisation and that we understand that data theft avoided is better than data theft done. Thus we also provide cyber security services to various MNCs across India. Our team is professional in providing Web Application Penetration Testing, Network Penetration Testing, Mobile Application Penetration Testing to clients.
We this, we have been acknowledged as the top 20 most Cyber Security Trusted Brands for 2021 by The Global Hues. We stand by to our commitment in providing the right cyber security training to students. We have provided services to clients like Madhya Pradesh Gramin Bank, Odisha State Pollution Control Board, HDFC Life Insurance Corporation, Qatar Development Bank and many more.
Why not Enquire more about our Education Training and Corporate Services?
Globsyn Crystals Building,5th Floor, Unit-4, Webel MoreKolkata – 700091
Chirush Mansion, 3478J HAL 2nd Stage,13th A Main Road Indiranagar Bangalore – 560008 Land Mark: Behind New Horizon School
Indian Cyber Security Solutions Cyber Security Research & Analytics Center Vine Avenue Moncton NB,Canada, PO E1E 1J9
Indian Cyber Security Solutions Australia (Research and Development Center)11 Darling Street, Hughesdale Melbourne VIC. 3166