Privilege escalation in Johnson Controls exacqVision Server



Published: 2019-07-22
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-7590
CWE-ID CWE-428
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		exacqVision Server
Client/Desktop applications / Software for system administration

Vendor Johnson Controls

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Unquoted Search Path or Element

EUVDB-ID: #VU19255

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-7590

CWE-ID: CWE-428 - Unquoted Search Path or Element

Exploit availability: No

Description

The vulnerability allows a local user to elevate their privileges.

The vulnerability exist due to the some services have an unquoted service path. A local authenticated user can insert code in the system root path during the application startup.

This vulnerability only impacts exacqVision Server running on a Windows operating system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

exacqVision Server: 9.6 - 9.8

External links

http://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2019/jcipsa2...


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###