CVE-2018-18252 found: CapMon enhances its privileged command handling in the new version.

Preface: Monitoring is a critical capability in the IT world for guarding against cyber attacks and insider threats.

Background: CapMon monitors and collects information from the infrastructure and applications. The system does not require installation of extra software on other units in the network. CapMon IT monitoring has a web-based user interface, ensuring fast access to the various functionalities.

Vulnerability details:
Design weakness in this software: all privileged commands “only” grant local administrator privilege, but there is a command that allows for even higher privilege escalation, namely the “CALScriptDRUN” command.
An issue was discovered in CapMon Access Manager 5.4.1.1005: CALRunElevated.exe provides “NT AUTHORITY\SYSTEM” access to unprivileged users via the --system option.
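
A hunting check for the two items named above, as an added example that is not from CapMon or the Improsec report: it scans process-creation records for CALRunElevated.exe run with the system option and for the CALScriptDRUN command name. The event field names, hosts, users, paths and the dash variants accepted for the option are assumptions, and the sample events are constructed.

```python
import re

# Names taken from the advisory text; everything else below is an assumption.
BINARY = "calrunelevated.exe"
SCRIPT_CMD = "calscriptdrun"
# Assumption: accept one or two hyphens, or an en/em dash introduced by
# copy-paste from rendered text, in front of the option name.
SYSTEM_OPT = re.compile(r"(?<!\S)(?:--?|[\u2013\u2014])system(?=\s|$)", re.I)

# Constructed process-creation records (hypothetical schema and values).
SAMPLE_EVENTS = [
    {"host": "ws-014", "user": "CORP\\alice",
     "image": r"C:\ExampleDir\CALRunElevated.exe",
     "cmdline": r"CALRunElevated.exe --system <args elided>"},
    {"host": "ws-022", "user": "CORP\\bob",
     "image": r"C:\ExampleDir\calrunelevated.EXE",
     "cmdline": "\"C:\\ExampleDir\\CALRunElevated.exe\" \u2013SYSTEM <args elided>"},
    {"host": "ws-022", "user": "CORP\\bob",
     "image": r"C:\ExampleDir\CALRunElevated.exe",
     "cmdline": r"CALRunElevated.exe <args elided>"},
    {"host": "ws-030", "user": "CORP\\carol",
     "image": r"C:\ExampleDir\example-client.exe",
     "cmdline": r"example-client.exe CALScriptDRUN <args elided>"},
    {"host": "ws-031", "user": "CORP\\dave",
     "image": r"C:\Windows\System32\notepad.exe",
     "cmdline": r"notepad.exe --systematic-notes.txt"},
]

def classify(event):
    """Return a finding label for one event, or None if it is not of interest."""
    image = event["image"].replace("/", "\\").rsplit("\\", 1)[-1].lower()
    cmdline = event["cmdline"]
    if image == BINARY and SYSTEM_OPT.search(cmdline):
        return "system-option"   # SYSTEM-level launch described in the CVE
    if SCRIPT_CMD in cmdline.lower():
        return "calscriptdrun"   # command named in the advisory
    if image == BINARY:
        return "elevated-run"    # lower priority: elevation without the option
    return None

def triage(events):
    """Return (host, user, label) for every event that classify() flags."""
    return [(e["host"], e["user"], label)
            for e in events if (label := classify(e)) is not None]

if __name__ == "__main__":
    for host, user, label in triage(SAMPLE_EVENTS):
        print(f"{host}\t{user}\t{label}")
```
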

For further detail, please refer to the Improsec analysis report: https://improsec.com/tech-blog/cam1
