PT-2017-17971 · Apc · Apc Ups Daemon

Fragsh3Ll +1 · Published 2017-06-16 · Updated 2019-10-03 · CVE-2017-7884

CVSS v3.1: 8.4 (High)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

APC UPS Daemon versions through 3.14.14

Description

The default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges. This is possible by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup, due to "RW NT AUTHORITY\Authenticated Users" permissions for %SYSTEMDRIVE%\apcupsd\bin\apcupsd.exe.

Recommendations

For APC UPS Daemon versions through 3.14.14, consider restricting write access to the %SYSTEMDRIVE%\apcupsd\bin\apcupsd.exe file to prevent replacement with a malicious executable. As a temporary workaround, monitor the integrity of the apcupsd.exe file to detect any unauthorized changes.
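
Both recommendations as a script, added here as an example and not taken from the advisory or the apcupsd project. It reports write-capable ACEs held by broad groups on the service binary, compares its SHA-256 with a baseline you supply, and optionally restricts the ACL. The default install path, the parameter names and the function name `Get-BroadWriteAce` are assumptions.

```powershell
# Added example (not vendor code): audit the apcupsd service binary's ACL and hash.
param(
    [string]$Path = (Join-Path $env:SystemDrive 'apcupsd\bin\apcupsd.exe'),  # assumed default path
    [string]$BaselineHash,   # SHA-256 of a known-good apcupsd.exe, supplied by you
    [switch]$Harden          # restrict the ACL instead of only reporting
)

# Well-known SIDs of broad groups: Authenticated Users, Users, Everyone
$BroadSids = 'S-1-5-11', 'S-1-5-32-545', 'S-1-1-0'
# Rights that let a principal overwrite, delete or re-permission the file
$WriteBits = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'
$WriteBits = $WriteBits -bor 0x50000000   # GENERIC_WRITE | GENERIC_ALL, in case they are unmapped

function Get-BroadWriteAce {
    param([string]$Target)
    $acl = Get-Acl -LiteralPath $Target
    # Explicit and inherited rules, with identities returned as SIDs
    $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier]) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $BroadSids -contains $_.IdentityReference.Value -and
            ([int]$_.FileSystemRights -band $WriteBits) -ne 0
        }
}

$findings = @(Get-BroadWriteAce -Target $Path)
foreach ($ace in $findings) {
    $name = $ace.IdentityReference.Translate([System.Security.Principal.NTAccount])
    Write-Warning "$Path writable by ${name}: $($ace.FileSystemRights) (inherited=$($ace.IsInherited))"
}

# Integrity check against the supplied baseline (string comparison ignores case)
$hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
if ($BaselineHash -and $hash -ne $BaselineHash) {
    Write-Warning "SHA-256 mismatch: $hash (expected $BaselineHash)"
}

if ($Harden -and $findings.Count -gt 0) {
    icacls $Path /inheritance:d | Out-Null               # copy inherited ACEs, stop inheriting
    foreach ($sid in ($findings.IdentityReference.Value | Select-Object -Unique)) {
        icacls $Path /remove:g "*$sid" | Out-Null        # drop that group's allow ACEs
        icacls $Path /grant "*${sid}:(RX)" | Out-Null    # give back read and execute only
    }
}

# Summary object: a remaining count above zero means the file is still replaceable
[pscustomobject]@{
    Path           = $Path
    Sha256         = $hash
    BroadWriteAces = @(Get-BroadWriteAce -Target $Path).Count
}
```

Run it from an elevated prompt when using `-Harden`. Write or delete rights on the containing directory also allow the file to be replaced, so the same check should be run against that directory.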

Fix

Uncontrolled Search Path Element


Weakness Enumeration

Related Identifiers

CVE-2017-7884

Affected Products

Apc Ups Daemon