ForensiT AppX Management Service Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A vulnerability exists in ForensiT AppX Management Service version 2.2.0.4, where an unquoted service path allows local users to execute arbitrary code with elevated privileges. Exploitation involves injecting malicious code into the service path, which would then be executed with LocalSystem permissions when the service starts.
Impact
Exploitation of this vulnerability could lead to unauthorized execution of code with elevated system privileges, allowing local users to perform actions as the LocalSystem account.
Reproduction
The vulnerability can be reproduced by verifying the service configuration with the Windows Management Instrumentation Command-line (WMIC) tool. The unquoted service path can be exploited by placing a malicious executable in a location that the system will search before the unquoted path is fully resolved, allowing the code to be executed with elevated privileges.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.