Description Preview
A vulnerability has been identified in ks-soft Advanced Host Monitor versions up to 12.56. The vulnerability involves an unquoted service path in the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. This security flaw could allow a local attacker to escalate privileges by placing a malicious executable in a location that would be executed instead of the intended program due to the way Windows resolves unquoted paths.
Overview
The vulnerability exists because the service path for Advanced Host Monitor is not properly enclosed in quotation marks. When Windows attempts to execute a program with spaces in its path and without quotes, it will first try to execute from each space-delimited segment of the path. For example, with the path C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe, Windows would try:
- C:\Program.exe
- C:\Program Files.exe
- C:\Program Files (x86)\HostMonitor.exe And so on, before finally executing the intended file.
This behavior allows an attacker with local access to place a malicious executable named after one of these attempted paths, which would then be executed with the privileges of the service, potentially leading to privilege escalation.
Remediation
To address this vulnerability, users should:
- Upgrade to Advanced Host Monitor version 12.60 or later, which fixes the unquoted service path issue.
- If immediate upgrading is not possible, administrators can manually modify the service path to include quotation marks around the executable path.
- Implement the principle of least privilege by ensuring services run with minimal necessary permissions.
- Monitor for unauthorized file creation in the affected directories.
References
- Packet Storm Security - Advanced Host Monitor 12.56 Unquoted Service Path: http://packetstormsecurity.com/files/172105/Advanced-Host-Monitor-12.56-Unquoted-Service-Path.html
- VulDB Entry 227714: https://vuldb.com/?id.227714
- VulDB CTI Entry: https://vuldb.com/?ctiid.227714
Industry ExposureMost to leastThis section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- Accommodation & Food ServicesAccommodation & Food Services
- Administrative, Support, Waste Management & Remediation ServicesAdministrative, Support, Waste Management & Remediation Services
- Agriculture, Forestry Fishing & HuntingAgriculture, Forestry Fishing & Hunting
- Arts, Entertainment & RecreationArts, Entertainment & Recreation
- ConstructionConstruction
- Educational ServicesEducational Services
- Finance and InsuranceFinance and Insurance
- Health Care & Social AssistanceHealth Care & Social Assistance
- InformationInformation
- Management of Companies & EnterprisesManagement of Companies & Enterprises
- ManufacturingManufacturing
- MiningMining
- Other Services (except Public Administration)Other Services (except Public Administration)
- Professional, Scientific, & Technical ServicesProfessional, Scientific, & Technical Services
- Public AdministrationPublic Administration
- Real Estate Rental & LeasingReal Estate Rental & Leasing
- Retail TradeRetail Trade
- Transportation & WarehousingTransportation & Warehousing
- UtilitiesUtilities
- Wholesale TradeWholesale Trade
