Hasleo Backup Suite Free Insecure Permissions Vulnerability Allowing Privilege Escalation
Vulnerability
Hasleo Backup Suite Free versions through 4.9.4 contain an insecure-permissions flaw in the file recovery (restore) function. A low-privileged user can abuse it to obtain an arbitrary file write, overwriting critical system files or dropping executables into sensitive directories, which can lead to unauthorized administrative access on the affected Windows system.
Impact
Successful exploitation gives a low-privileged user an arbitrary file write performed with the privileges of the restore process. That write can replace files in protected system directories or plant executables in locations that are launched automatically at logon, resulting in unauthorized administrative access.
Reproduction
As a low-privileged user, create a backup of a file. Before restoring it, replace the restore destination with a symbolic link that points into a protected system directory; the recovery process follows the link and overwrites the target file with the backed-up content, a write the user could not perform directly. The same primitive can place an executable in the Windows Startup folder, where it is run automatically at logon. Note that a Startup-folder payload executes in the context of the account that logs on, so it yields administrative access only when an administrator logs on (the all-users Startup folder under %ProgramData% is processed at every user's logon).
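The check a restore routine needs before writing a destination is shown below as an added Python example; it is not Hasleo's code and not the vendor's fix. The restore root, the directory layout and the function names (safe_restore_path, is_reparse_point, demo) are assumptions made for illustration. The guard refuses any destination whose components include a symlink, junction or other reparse point, any relative path that escapes the root, and any absolute path, which is exactly the redirection the reproduction relies on.

```python
"""Restore-path guard: refuse destinations that traverse a symlink, junction
or other reparse point, so a restore that runs with high privileges cannot be
redirected by a low-privileged user into a protected directory.

Added example, not Hasleo code. The restore root and the file layout built in
demo() are constructed for illustration only.
"""
import os
import stat
import tempfile
from pathlib import Path, PurePath

# The stat module defines this constant on every platform; the value is the
# Windows FILE_ATTRIBUTE_REPARSE_POINT flag. The fallback guards older builds.
REPARSE_POINT = getattr(stat, "FILE_ATTRIBUTE_REPARSE_POINT", 0x400)


class RestoreRefused(ValueError):
    """Raised when a restore destination must not be written."""


def is_reparse_point(path: Path) -> bool:
    """True if `path` itself is a symlink, junction or other reparse point.

    os.lstat() never follows the link, so the link object itself is examined.
    On Windows the reparse flag covers junctions as well as symlinks; on POSIX
    the S_ISLNK test is what matters.
    """
    st = os.lstat(path)
    attrs = getattr(st, "st_file_attributes", 0)  # present on Windows only
    return bool(attrs & REPARSE_POINT) or stat.S_ISLNK(st.st_mode)


def safe_restore_path(root: Path, relative: str) -> Path:
    """Return root/relative if it can be written without following any
    reparse point and without leaving root; raise RestoreRefused otherwise."""
    rel = PurePath(relative)
    # Reject absolute paths, drive-relative paths ("C:foo") and "..".
    if rel.is_absolute() or rel.anchor or ".." in rel.parts:
        raise RestoreRefused(f"refusing non-relative destination {relative!r}")
    root = Path(root)
    if not root.is_dir() or is_reparse_point(root):
        raise RestoreRefused(f"restore root {root} is not a plain directory")

    # Walk the destination one component at a time so a link anywhere in the
    # chain is caught, not just at the final name.
    current = root
    for part in rel.parts:
        current = current / part
        try:
            if is_reparse_point(current):
                raise RestoreRefused(f"{current} is a symlink or reparse point")
        except FileNotFoundError:
            continue  # component does not exist yet; nothing there to follow

    # Belt and braces: the real path must still sit under the real root.
    real_root = root.resolve()
    if real_root not in current.resolve().parents:
        raise RestoreRefused(f"{current} resolves outside {root}")
    return current


def demo() -> dict:
    """Constructed layout: a user-owned restore root containing a symlink to a
    directory that stands in for a protected system folder. Returns, per
    destination, whether the guard would allow the write."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp, "restore_root")
        protected = Path(tmp, "protected")  # stand-in for a system directory
        (root / "docs").mkdir(parents=True)
        protected.mkdir()
        # The attacker-controlled link the reproduction step relies on.
        os.symlink(protected, root / "startup", target_is_directory=True)

        destinations = {
            "plain": "docs/notes.txt",                   # legitimate restore
            "via_symlink": "startup/evil.exe",           # redirected through link
            "dotdot": "../protected/evil.exe",           # path traversal
            "absolute": str(protected / "evil.exe"),     # absolute target
        }
        results = {}
        for label, dest in destinations.items():
            try:
                safe_restore_path(root, dest)
                results[label] = True
            except RestoreRefused:
                results[label] = False
        return results


if __name__ == "__main__":
    for label, allowed in demo().items():
        print(f"{label:12s} {'allowed' if allowed else 'refused'}")
```

A path check performed before the write is still racy: the user can swap the directory for a link between the check and the write. On Windows the robust pattern is to perform the restore under the requesting user's impersonation token, so the kernel enforces the user's own permissions, and to open files with flags that do not follow reparse points; on POSIX, O_NOFOLLOW and directory-relative opens serve the same purpose. The guard above is the minimum a privileged restore component should apply on top of that.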
