PT-2019-15146 · Zoho+1 · Zoho Manageengine Opmanager+2

Guy Levin +1 · Published 2019-11-21 · Updated 2021-04-29 · CVE-2019-17421

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Zoho ManageEngine OpManager version 12.4.072
Zoho ManageEngine Firewall Analyzer version 12.4.072

Description

The issue arises from incorrect file permissions on the packaged Nipper executable file, allowing local users to elevate privileges to root by overwriting this file with a malicious payload.

Recommendations

For Zoho ManageEngine OpManager version 12.4.072, update the file permissions of the Nipper executable to prevent local users from overwriting it.
For Zoho ManageEngine Firewall Analyzer version 12.4.072, update the file permissions of the Nipper executable to prevent local users from overwriting it.
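
One way to check and apply the recommendation on a Linux host, as an added example that is not part of the advisory or vendor code. The function name `audit_exec` and both path arguments are assumptions (the advisory does not give the install path), and the paths are assumed to contain no symlinks.

```shell
#!/bin/sh
# Added example, not vendor code. EXE and ROOT are supplied by the operator;
# the advisory does not state the install path of the Nipper executable.

# True when group or other holds the write bit on $1 (POSIX find tests).
loose_perms() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]
}

# audit_exec EXE ROOT [fix]
# Checks EXE and every directory from it up to ROOT (inclusive). A writable
# parent directory is as bad as a writable file: a local user can rename the
# binary away and drop a replacement in its place.
# Returns 0 if clean, 1 if anything loose was found, 2 on bad arguments.
# With "fix", each finding also gets chmod go-w (run as the owner or root).
audit_exec() {
    exe=$1 root=${2%/} mode=${3:-report}
    if [ ! -f "$exe" ] || [ ! -d "$root" ]; then
        echo "usage: audit_exec EXE ROOT [fix]" >&2; return 2
    fi
    case $exe in
        "$root"/*) ;;
        *) echo "EXE must live under ROOT" >&2; return 2 ;;
    esac
    rc=0 p=$exe
    while :; do
        if loose_perms "$p"; then
            echo "LOOSE: $(ls -ld "$p")"
            rc=1
            [ "$mode" = fix ] && chmod go-w "$p"
        fi
        case $p in "$root"|/|.) break ;; esac
        p=$(dirname "$p")
    done
    return "$rc"
}

# Example: sh audit.sh /path/to/nipper /path/to/install/root
if [ "$#" -ge 2 ]; then audit_exec "$@"; fi
```

Removing group write from a directory can affect a service that runs under a shared group, so review the report output before re-running with `fix`.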

Exploit

Fix

Weakness Enumeration

Incorrect Default Permissions

Related Identifiers

CVE-2019-17421

Affected Products

Nipper
Zoho Manageengine Firewall Analyzer
Zoho Manageengine Opmanager