Vulners
Lucene search
mRemoteNG 1.76.20 Privilege Escalation
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | CVE-2020-24307 | 2 Feb 202314:14 | – | circl |
 | mRemoteNG 安全漏洞 | 31 Jan 202300:00 | – | cnnvd |
 | CVE-2020-24307 | 2 Feb 202300:00 | – | cve |
 | CVE-2020-24307 | 2 Feb 202300:00 | – | cvelist |
 | CVE-2020-24307 | 2 Feb 202312:15 | – | nvd |
 | CVE-2020-24307 | 2 Feb 202312:15 | – | osv |
 | Design/Logic Flaw | 2 Feb 202312:15 | – | prion |
 | PT-2023-11671 · Mremoteng · Mremoteng | 2 Feb 202300:00 | – | ptsecurity |
 | CVE-2020-24307 | 22 May 202517:01 | – | redhatcve |
`mRemoteNG mRemoteNG v1.76.20 Privilege Escalation
Detailed Information
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Product Name: mRemoteNG
Vendor Home Page: https://mremoteng.org
Vulnerable Version: mRemoteNG v1.76.20
Fixed Version: mRemoteNG v1.76.20.24615
Vulnerability Type: Improper Access Control (CWE-284)
CVE Reference: CVE-2020-24307
Author of Advisory: Thurein Soe
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Product Description:
mRemoteNG is an open-source multi-protocol, remote connections manager for
Windows that allows managing multiple diverse connections with remote
systems.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Vulnerability description:
Windows service permissions is a type of local privilege escalation in the
windows operating system. Weak service permissions run with system user
permission that allows a standard user to elevate to administrator
privilege on the compromised system upon successfully modifying the
service. mRemoteNG.exe was giving modify permission to any authenticated
users in the windows operating system that allows standard users to modify
the service resulting in leading Privilege Escalation.
C:\Users\NyaMeeEain>icacls "C:\Program Files (x86)\mRemoteNG\mRemoteNG.exe"
C:\Program Files (x86)\mRemoteNG\mRemoteNG.exe APPLICATION PACKAGE
AUTHORITY\ALL APPLICATION PACKAGES:(M)
BUILTIN\Users:(M)
APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(I)(M)
NT AUTHORITY\SYSTEM:(I)(F)
BUILTIN\Administrators:(I)(F)
BUILTIN\Users:(I)(RX)
APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(I)(RX)
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
References:
https://www.immuniweb.com/vulnerability/improper-access-control.html
https://www.cvedetails.com/cwe-details/284/Access-Control-Authorization-Issues.html
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Credits:
Thurein Soe
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
31 Jan 2023 00:00Current
0.7Low risk
Vulners AI Score0.7
EPSS0.00139