Ocuco Innovation INVCLIENT.EXE Privilege Escalation Vulnerability

A vulnerability in Ocuco Innovation's INVCLIENT.EXE version 2.10.24.5 allows attackers to bypass authentication and escalate privileges to Administrator. This is achieved by intercepting and modifying TCP packets, manipulating the login process to gain unauthorized administrative access.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative access, allowing attackers to manipulate sensitive data, disrupt operations, and potentially cause legal and reputational damage.

Reproduction

To reproduce this vulnerability, log into the Ocuco Innovation software 'Inventory Manager' with administrative privileges. Then, intercept the TCP packets and modify them by replacing certain bytes with whitespace. This manipulation causes an access violation error, which can be exploited to bypass authentication and gain administrative access. Once access is obtained, navigate to the user management section to create a new administrative user, successfully logging in with the newly created account.

Remediation

It is recommended to restrict network access to this software to authorized users only, until a patched version is released. Additionally, implementing stronger authentication mechanisms, using encrypted communication channels, conducting regular security audits, and educating users about cybersecurity practices can help mitigate this vulnerability.