PT-2023-30875 · Google · Chromium

Armin Weihbold · Published 2023-12-07 · Updated 2024-01-03 · CVE-2023-48654

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

One Identity Password Manager versions prior to 5.13.1

Description

One Identity Password Manager lets users reset their Active Directory passwords from the login screen of a Windows client. To provide the reset functionality, it launches a Chromium-based browser in Kiosk mode, and the issue allows an escape from that Kiosk. The escape sequence involves navigating to the Google ReCAPTCHA section, clicking on the Privacy link, observing a new browser window, navigating to any website that offers file upload, navigating to cmd.exe from the file explorer window, and launching cmd.exe as NT AUTHORITY\SYSTEM.

Recommendations

For versions prior to 5.13.1, update to version 5.13.1 or later to resolve the issue. As a temporary workaround until a patch is available, consider restricting access to the Google ReCAPTCHA section and disabling file upload functionality in the Kiosk mode browser. Avoid using the Kiosk mode browser to navigate to untrusted websites, and restrict the launch of cmd.exe as NT AUTHORITY\SYSTEM to minimize the risk of exploitation.
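A detection check for the end state described above, a cmd.exe running as SYSTEM that descends from the kiosk browser, written as an added example that is not One Identity's code. The event field names, the sample events and the `kiosk_browser.exe` image name are constructed placeholders; substitute the values from your own process-creation telemetry.

```python
SYSTEM_SID = "S-1-5-18"              # well-known SID of NT AUTHORITY\SYSTEM
KIOSK_BROWSER = "kiosk_browser.exe"  # hypothetical image name, not from the advisory
WATCHED = {"cmd.exe"}                # the binary named in the advisory; extend as needed


def image_name(path):
    """Return the lower-cased file name of a Windows image path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def find_kiosk_escapes(events):
    """Return SYSTEM-owned watched processes whose ancestry includes the kiosk browser.

    `events` is a chronological list of process-creation records with the
    simplified (assumed) keys: pid, ppid, image, sid.
    """
    by_pid, alerts = {}, []
    for ev in events:
        by_pid[ev["pid"]] = ev
        if ev["sid"] != SYSTEM_SID or image_name(ev["image"]) not in WATCHED:
            continue
        seen = set()                       # guards against PID cycles in bad data
        parent = by_pid.get(ev["ppid"])
        while parent and parent["pid"] not in seen:
            seen.add(parent["pid"])
            if image_name(parent["image"]) == KIOSK_BROWSER:
                alerts.append(ev)
                break
            parent = by_pid.get(parent["ppid"])
    return alerts


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"pid": 600, "ppid": 500, "image": r"C:\Windows\System32\winlogon.exe", "sid": SYSTEM_SID},
    {"pid": 1200, "ppid": 600, "image": r"C:\Placeholder\kiosk_browser.exe", "sid": SYSTEM_SID},
    {"pid": 1300, "ppid": 1200, "image": r"C:\Placeholder\kiosk_browser.exe", "sid": SYSTEM_SID},
    # cmd.exe started from the file dialog of the second browser window
    {"pid": 1400, "ppid": 1300, "image": r"C:\Windows\System32\cmd.exe", "sid": SYSTEM_SID},
    # SYSTEM cmd.exe with no kiosk browser in its ancestry: not flagged
    {"pid": 2000, "ppid": 700, "image": r"C:\Windows\System32\cmd.exe", "sid": SYSTEM_SID},
    # cmd.exe under an ordinary user SID (constructed): not flagged
    {"pid": 3000, "ppid": 1300, "image": r"C:\Windows\System32\cmd.exe",
     "sid": "S-1-5-21-1111111111-2222222222-3333333333-1001"},
]

if __name__ == "__main__":
    for alert in find_kiosk_escapes(SAMPLE_EVENTS):
        print("SYSTEM shell under kiosk browser:", alert["pid"], alert["image"])
```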

Fix

Related Identifiers

CVE-2023-48654

Affected Products

Chromium
One Identity Password Manager
Windows