PT-2019-9591 · Kioware · Kioware Server

Hashim Jawad +1 · Published 2019-03-17 · Updated 2019-10-03 · CVE-2018-18435

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

KioWare Server versions 4.9.6 and older

Description

The default installation directory has weak folder permissions that grant any user full access to the directory and its sub-folders. In addition, a service named KWSService runs as LocalSystem, so any user can potentially escalate privileges to NT AUTHORITY\SYSTEM by replacing the service's binary with a malicious one.

Recommendations

For KioWare Server versions 4.9.6 and older, consider restricting access to the installation directory and its sub-folders to prevent unauthorized modifications. As a temporary workaround, monitor KWSService for suspicious activity and consider disabling it until a patch is available. Restrict access to the service's binary to minimize the risk of exploitation.
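The audit below is an added example, not part of the advisory or of KioWare's tooling: it lists every ACE that lets a non-administrative principal modify the KWSService binary, its folder, or any sub-folder. Only the service name comes from the advisory; the binary path is read from the service configuration, and treating its parent folder as the installation directory is an assumption.

```powershell
# Added example: read-only audit of who can modify the KWSService binary and its folders.
# Assumption: only the service name comes from the advisory; the path is read from the
# service configuration, and its parent folder is treated as the install directory.
$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='KWSService'"
if (-not $svc) { Write-Output 'KWSService is not installed on this host.'; return }

# PathName may be quoted and may carry arguments; keep only the executable path.
if ($svc.PathName -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
elseif ($svc.PathName -match '^\s*(.+?\.exe)') { $exe = $Matches[1] }
else { throw "Cannot parse service path: $($svc.PathName)" }

# Principals expected to hold write access: SYSTEM, Administrators, TrustedInstaller,
# and CREATOR OWNER (a placeholder ACE that only applies to whoever creates an object).
$trusted = @(
    'S-1-5-18', 'S-1-5-32-544', 'S-1-3-0',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
)
# Rights that allow replacing or tampering with a file, plus GENERIC_ALL / GENERIC_WRITE,
# which inherit-only ACEs can carry as raw bits.
$rights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeMask = ([int]$rights) -bor 0x10000000 -bor 0x40000000

function Get-WeakAce {
    param([string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    # Resolve ACEs to SIDs so the check does not depend on the OS display language.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($trusted -contains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -ne 0) {
            [pscustomobject]@{
                Path = $Path; Sid = $ace.IdentityReference.Value
                Rights = $ace.FileSystemRights; Inherited = $ace.IsInherited
            }
        }
    }
}

$dir = Split-Path -Parent $exe
$subDirs = (Get-ChildItem -LiteralPath $dir -Directory -Recurse -ErrorAction SilentlyContinue).FullName
$findings = @($exe, $dir) + $subDirs | Where-Object { $_ } | ForEach-Object { Get-WeakAce -Path $_ }

Write-Output "Service account: $($svc.StartName)   Binary: $exe"
if ($findings) { $findings | Format-Table -AutoSize }
else { Write-Output 'No write-capable ACEs for non-administrative principals were found.' }
```

Any row whose SID is a broad group such as S-1-1-0 (Everyone), S-1-5-11 (Authenticated Users) or S-1-5-32-545 (Users) matches the condition the advisory describes.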

Exploit

Fix

Incorrect Permission

Weakness Enumeration

Related Identifiers

CVE-2018-18435

Affected Products

Kioware Server