Input validation error in EasyInstall

#VU24769 Input validation error in EasyInstall

Published: 2020-01-30

Vulnerability identifier: #VU24769

Vulnerability risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19895

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
EasyInstall
Client/Desktop applications / Other client software

Vendor: IXP Data

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the Lateral Movement (using the Agent Service) against other users on a client system. A remote authenticated attacker can modify "%SYSTEMDRIVE%IXPSW[PACKAGE_CODE]EveryLogon.bat" to achieve this movement and execute code in the context of other users.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

EasyInstall: 6.2.13723

External links
http://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IXP EasyInstall