Ocuco Innovation Privilege Escalation Vulnerability in APPMANAGER.EXE

A privilege escalation vulnerability has been identified in Ocuco Innovation's APPMANAGER.EXE version 2.10.24.51. This vulnerability allows local attackers to gain unauthorized administrative access through the application manager function. Exploitation involves intercepting and modifying TCP packets to manipulate the login process, bypassing authentication checks and access controls. As a result, attackers can access the Application Manager and perform any actions within the software, effectively gaining full administrative rights.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative access, allowing attackers to manipulate sensitive data, disrupt operations, and potentially cause legal and reputational damage.

Reproduction

To reproduce this vulnerability, log into the Ocuco Innovation software 'Application Manager' with a privileged account. Then, intercept the TCP packets of the login process. Modify the intercepted packet by changing certain bytes to whitespace, which triggers an access violation error. This modification bypasses the authentication requirement, allowing access to the Application Manager without proper authorization. Once access is gained, any function within the software can be performed, including creating new administrative users.

Remediation

It is recommended to restrict network access to this software to authorized users only, until a patched version is available. Additionally, review and strengthen access controls to limit administrative privileges.