CVE-2018-18435 — HIGH (7.8)

Q: How severe is CVE-2018-18435?

CVE-2018-18435 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-18435?

Check the references section above for vendor advisories and patch information. Affected products include: Kioware Kioware Server.

Vulnerability Description

KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders. In addition, the program installs a service called "KWSService" which runs as "Localsystem", this will allow any user to escalate privileges to "NT AUTHORITY\SYSTEM" by substituting the service's binary with a malicious one.

CVSS Score

7.8

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Kioware	Kioware Server	<= 4.9.6

Related Weaknesses (CWE)

CWE-732

References

http://packetstormsecurity.com/files/151031/KioWare-Server-4.9.6-Privilege-EscalExploitThird Party AdvisoryVDB Entry
https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-002.md
https://m.kioware.com/news/kioware-press-releases/kioware_server_security_patch_PatchVendor Advisory
https://www.exploit-db.com/exploits/46093/ExploitThird Party AdvisoryVDB Entry
https://www.kioware.com/patch.aspxPatchVendor Advisory
http://packetstormsecurity.com/files/151031/KioWare-Server-4.9.6-Privilege-EscalExploitThird Party AdvisoryVDB Entry
https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-002.md
https://m.kioware.com/news/kioware-press-releases/kioware_server_security_patch_PatchVendor Advisory
https://www.exploit-db.com/exploits/46093/ExploitThird Party AdvisoryVDB Entry
https://www.kioware.com/patch.aspxPatchVendor Advisory

FAQ

What is CVE-2018-18435?

CVE-2018-18435 is a vulnerability with a CVSS score of 7.8 (HIGH). KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's ...

How severe is CVE-2018-18435?

CVE-2018-18435 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-18435?

Check the references section above for vendor advisories and patch information. Affected products include: Kioware Kioware Server.