ZKTeco ZKAccess Professional Privilege Escalation Vulnerability via Insecure File Permissions

Vulnerability

A privilege escalation vulnerability has been identified in ZKTeco ZKAccess Professional version 3.5.3. It arises from insecure file permissions: the Authenticated Users group holds the Modify permission on the application's executable files, so any authenticated user can replace those binaries with malicious code, leading to unauthorized privilege escalation.

Impact

Exploitation of this vulnerability allows authenticated users to gain elevated privileges on the system by replacing executable files with malicious binaries.

Reproduction

The vulnerability can be reproduced by an authenticated user with access to the ZKAccess Professional application. Because the Authenticated Users group holds the Modify permission on the application directory, such a user can overwrite the executable files there with modified binaries containing malicious code; privileges are escalated when the altered executables are run.
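The following PowerShell audit is an added example and is not part of the advisory or of the vendor's software. It walks an installation directory and reports every executable or DLL whose ACL grants Modify, Write or Full Control to a broad principal such as Authenticated Users, which is exactly the weakness described above. The install path is an assumed placeholder; the principal names are the standard Windows built-ins.

```powershell
# Added example, not from the advisory: audit executables for write access
# granted to broad groups. $InstallDir is an assumed placeholder path.
param(
    [string]$InstallDir = 'C:\Program Files (x86)\ZKAccess Professional'
)

# Principals that should never be able to modify an application's binaries
$BroadPrincipals = @(
    'NT AUTHORITY\Authenticated Users',
    'BUILTIN\Users',
    'Everyone'
)

# Any of these rights lets a user replace or alter file contents
$WriteMask = [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::WriteData -bor
             [System.Security.AccessControl.FileSystemRights]::Delete -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

function Get-WeakExecutableAcl {
    param([string]$Path)
    Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.dll -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            $acl = Get-Acl -Path $file.FullName
            foreach ($ace in $acl.Access) {
                # Report Allow entries for a broad principal that include a write-class right
                if ($ace.AccessControlType -eq 'Allow' -and
                    $BroadPrincipals -contains $ace.IdentityReference.Value -and
                    ($ace.FileSystemRights -band $WriteMask) -ne 0) {
                    [PSCustomObject]@{
                        File      = $file.FullName
                        Principal = $ace.IdentityReference.Value
                        Rights    = $ace.FileSystemRights
                        Inherited = $ace.IsInherited
                    }
                }
            }
        }
}

Get-WeakExecutableAcl -Path $InstallDir | Format-Table -AutoSize
```

An empty result means no broad principal can overwrite the binaries; any row listed is a file whose write access should be restricted to administrators and SYSTEM, with the Inherited column showing whether the ACE comes from the parent directory.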

Added: Mar 16, 2026, 3:20 PM
Updated: Mar 16, 2026, 3:20 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 4.2
remediation: 0.0
relevance: 4.0
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.