(0Day) ABB DataManagerPro File Permissions Privilege Escalation Vulnerability

ID ZDI-16-479
Type zdi
Reporter rgod
Modified 2016-11-09T00:00:00


This vulnerability allows attackers to escalate their privilege to system administrator on vulnerable installations of ABB DataManagerPro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the file permissions set during product installation. The World account is set to have full rights to the directory that contains the binaries that are executed by system administrators. File substitution would then allow a standard user on the system to replace code that is subsequently run by a system administrator.