SB2022022303 - Multiple vulnerabilities in WIN-911 2021

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Incorrect default permissions (CVE-ID: CVE-2022-23922)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect default permissions. A local user can write files to the Program Announcer directory and elevate permissions whenever the program is executed.

2) Incorrect default permissions (CVE-ID: CVE-2022-23104)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect default permissions. A local user can write a malicious DLL file to the Operator Workspace directory to achieve privilege escalation and the permissions of the user running the program.

Remediation

Install update from vendor's website.

References

• https://ics-cert.us-cert.gov/advisories/icsa-22-053-03
• https://supportdesk.win911.com/support/solutions/articles/24000074683-win-911-2021-r1-r2-file-permission-vulnerability