Ocuco Innovation Privilege Escalation Vulnerability in STOCKORDERENTRY.EXE

A privilege escalation vulnerability has been identified in Ocuco Innovation version 2.10.24.51, specifically within the STOCKORDERENTRY.EXE component. This vulnerability allows local attackers to gain unauthorized administrative access by intercepting and modifying TCP packets. Exploitation involves manipulating the login process to create new administrative users without proper authorization, bypassing security measures and granting full access to the software's functions.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative access, allowing attackers to manipulate sensitive data, disrupt operations, and potentially cause legal and reputational damage.

Reproduction

To reproduce this vulnerability, log into the Ocuco Innovation software with a privileged account. Then, intercept the TCP packets and modify them by replacing certain bytes with whitespace. This manipulation causes an access violation error, which can be exploited to bypass authentication requirements. Once the access controls are bypassed, the software can be used as an administrator, including creating new administrative users through the 'Users' menu.

Remediation

It is recommended to restrict network access to this software to authorized users only, until a patched version is available. Additionally, implementing stronger authentication mechanisms, using encrypted communication channels, and conducting regular security audits can help mitigate this vulnerability.