Vulnerability Description
CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service (Recognition Update Client Service) via an insecure communication channel (Named Pipe). The data (JSON) sent via this channel is used to import data from CRM software using plugins (.dll files). The plugin to import data from the EXQUISE software (DatasourceExquiseExporter.dll) can be persuaded to start arbitrary programs (including batch files) that are executed using the same privileges as Recognition Update Client Service (NT AUTHORITY\SYSTEM), thus elevating privileges. This occurs because a higher-privileged process executes scripts from a directory writable by a lower-privileged user.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cloudcti | Hip Integrator Recognition Configuration Tool | - |
Related Weaknesses (CWE)
References
- https://github.com/KPN-CISO/CVE-2019-9745/blob/master/README.mdExploitThird Party Advisory
- https://www.cloudcti.nl/Site/SecurityVendor Advisory
- https://github.com/KPN-CISO/CVE-2019-9745/blob/master/README.mdExploitThird Party Advisory
- https://www.cloudcti.nl/Site/SecurityVendor Advisory
FAQ
What is CVE-2019-9745?
CVE-2019-9745 is a vulnerability with a CVSS score of 7.8 (HIGH). CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service (Recognition Update Client Service) via an insecur...
How severe is CVE-2019-9745?
CVE-2019-9745 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-9745?
Check the references section above for vendor advisories and patch information. Affected products include: Cloudcti Hip Integrator Recognition Configuration Tool.