Wowza Streaming Engine
cpe:2.3:a:wowza:streaming_engine:*:*:*:*:*:*:*
- 4.5.0 (build 18676)
A local privilege escalation vulnerability exists in Wowza Streaming Engine version 4.5.0. This vulnerability allows authenticated users to escalate privileges by replacing executable files, specifically the nssm_x64.exe binary, with malicious versions. The issue arises from improper file permissions that grant full access to the Everyone group, enabling unauthorized code execution with LocalSystem privileges when the affected services are restarted.
Successful exploitation results in local privilege escalation: an authenticated user gains the ability to execute code with LocalSystem privileges.
The vulnerability can be reproduced by an authenticated user who has access to the Wowza Streaming Engine 4.5.0 installation on a Windows system. The user can replace the nssm_x64.exe file in either the manager or engine service directories with a malicious executable. Once the file is replaced, restarting the Wowza services executes the malicious code with LocalSystem privileges.
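The permission weakness described above can be confirmed on a host with an ACL audit. The PowerShell below is an added example, not code from the advisory or from Wowza: the `-InstallRoot` parameter and the `Get-WeakAce` helper are hypothetical names, and checking Authenticated Users and BUILTIN\Users alongside Everyone goes beyond the one group the advisory names.

```powershell
param(
    [Parameter(Mandatory = $true)]
    [string]$InstallRoot   # assumption: path to the Wowza installation directory
)

# Well-known SIDs: Everyone (the group named in the advisory), plus
# Authenticated Users and BUILTIN\Users as an added generalization.
$broadSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'

# Rights that allow replacing or rewriting a file, plus the GENERIC_ALL and
# GENERIC_WRITE bits that can appear unmapped in inherit-only directory ACEs.
$rights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$mask = [int]$rights -bor 0x50000000

function Get-WeakAce {
    param([string]$Path)
    # Resolve every ACE to a SID so the match does not depend on localized names.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $rules = (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType)
    foreach ($rule in $rules) {
        $isAllow  = $rule.AccessControlType -eq 'Allow'
        $isBroad  = $broadSids -contains $rule.IdentityReference.Value
        $canWrite = ([int]$rule.FileSystemRights -band $mask) -ne 0
        if ($isAllow -and $isBroad -and $canWrite) {
            [pscustomobject]@{
                Path      = $Path
                Sid       = $rule.IdentityReference.Value
                Rights    = $rule.FileSystemRights
                Inherited = $rule.IsInherited
            }
        }
    }
}

# Check each copy of the service wrapper and its parent directory, since
# write access to the directory also allows the file to be swapped.
$findings = Get-ChildItem -LiteralPath $InstallRoot -Recurse -File -Filter 'nssm_x64.exe' |
    ForEach-Object {
        Get-WeakAce -Path $_.FullName
        Get-WeakAce -Path $_.DirectoryName
    }

if ($findings) { $findings | Format-Table -AutoSize }
else { Write-Output "No broad write access found on nssm_x64.exe under $InstallRoot" }
```

Any row in the output is an ACE to remove or tighten so that only administrators and the service account can modify the binary and its directory.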