Hirschmann Industrial HiVision Arbitrary Code Execution Vulnerability via External Application Path Hijacking

Vulnerability

A vulnerability exists in Hirschmann Industrial HiVision versions 08.1.03 prior to 08.1.04 and 08.2.00, allowing local attackers to execute arbitrary binaries. This issue arises from inadequate path sanitization in the execution of user-configured external applications. An attacker can place a malicious binary in the execution path, which is then executed instead of the intended application. Depending on the context, this could lead to execution with elevated privileges.

Impact

Exploitation of this vulnerability allows local attackers to execute arbitrary code with elevated privileges, potentially leading to unauthorized actions or access within the application or system.

Reproduction

To reproduce this vulnerability, a local attacker must place a malicious binary in the execution path of a user-configured external application, and that path must contain at least one whitespace character. Once the application is triggered, the malicious binary is executed instead of the intended application.
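
A defensive check for the whitespace condition described above, as an added example that is not part of the original advisory or of the vendor's code: for each configured external-application path it lists the earlier file locations that should not exist and reports any that are present. It assumes Windows-style resolution of an unquoted command line (the advisory does not name the mechanism); the function names and sample paths are constructed.

```python
import ntpath
import os


def shadow_candidates(exe_path):
    """Return file locations that would be tried before exe_path when it is
    launched unquoted (assumption: the command line is cut at each space and
    ".exe" is appended when the resulting name has no extension)."""
    path = exe_path.strip()
    if path.startswith('"'):
        return []  # quoted: the whole path is one token, nothing shadows it
    candidates = []
    for i, ch in enumerate(path):
        if ch != " ":
            continue
        prefix = path[:i]
        if not prefix or prefix[-1] in "\\/ ":
            continue  # a cut right after a separator or space names no file
        if not ntpath.splitext(prefix)[1]:
            prefix += ".exe"
        candidates.append(prefix)
    return candidates


def audit(configured_paths, exists=os.path.exists):
    """Flag configured paths that need quoting and any shadow file present.
    `exists` is injectable so the check can be tested off the target host."""
    findings = []
    for p in configured_paths:
        cands = shadow_candidates(p)
        findings.append({
            "configured": p,
            "needs_quoting": bool(cands),
            "shadow_files_present": [c for c in cands if exists(c)],
        })
    return findings


# Constructed sample configuration entries, not taken from the product.
SAMPLE_PATHS = [
    r"C:\Program Files\Vendor Tools\viewer.exe",
    r'"C:\Program Files\Vendor Tools\viewer.exe"',
    r"C:\Tools\viewer.exe",
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_PATHS):
        print(finding)
```

Any entry reported under `shadow_files_present` is a file sitting where the intended application would be pre-empted and should be investigated; entries with `needs_quoting` set remain exposed until the product is updated.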

Remediation

Users are advised to update to Hirschmann Industrial HiVision version 08.1.04 or higher or 08.2.00 or higher.

Added: Apr 3, 2026, 9:29 PM
Updated: Apr 3, 2026, 9:29 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 3.2
remediation: 0.0
relevance: 5.2
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.