VAR-201609-0703
Vulnerability from variot - Updated: 2022-10-19 22:14ZKTecoZKAccessProfessional is an access control management system. ZKTecoZKAccessProfessional3.5.3 file privilege escalation vulnerability caused by the error attribute of the authenticated user of the 'M' flag. ZKAccess 3.5 is a desktop software which is suitablefor small and medium businesses application. Compatible withall ZKAccess standalone reader controllers, the software cansimultaneously manage access control and generate attendancereport. The brand new flat GUI design and humanized structureof new ZKAccess 3.5 will make your daily management more pleasantand convenient.ZKAccess suffers from an elevation of privileges vulnerabilitywhich can be used by a simple authenticated user that can change theexecutable file with a binary of choice. The vulnerability exist dueto the improper permissions, with the 'M' flag (Modify) for 'Authenticated Users'group.Tested on: Microsoft Windows 7 Ultimate SP1 (EN)Microsoft Windows 7 Professional SP1 (EN)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201609-0703",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zkaccess professional",
"scope": "eq",
"trust": 0.6,
"vendor": "zkteco",
"version": "3.5.3"
},
{
"model": "zkaccess professional",
"scope": "eq",
"trust": 0.1,
"vendor": "zkteco",
"version": "3.5.3 (build 0005)"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2016-5361"
},
{
"db": "CNVD",
"id": "CNVD-2016-07217"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability discovered by Gjoko Krstic",
"sources": [
{
"db": "ZSL",
"id": "ZSL-2016-5361"
}
],
"trust": 0.1
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2016-07217",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2016-07217",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "ZSL",
"id": "ZSL-2016-5361",
"trust": 0.1,
"value": "(2/5)"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2016-5361"
},
{
"db": "CNVD",
"id": "CNVD-2016-07217"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZKTecoZKAccessProfessional is an access control management system. ZKTecoZKAccessProfessional3.5.3 file privilege escalation vulnerability caused by the error attribute of the authenticated user of the \u0027M\u0027 flag. ZKAccess 3.5 is a desktop software which is suitablefor small and medium businesses application. Compatible withall ZKAccess standalone reader controllers, the software cansimultaneously manage access control and generate attendancereport. The brand new flat GUI design and humanized structureof new ZKAccess 3.5 will make your daily management more pleasantand convenient.ZKAccess suffers from an elevation of privileges vulnerabilitywhich can be used by a simple authenticated user that can change theexecutable file with a binary of choice. The vulnerability exist dueto the improper permissions, with the \u0027M\u0027 flag (Modify) for \u0027Authenticated Users\u0027group.Tested on: Microsoft Windows 7 Ultimate SP1 (EN)Microsoft Windows 7 Professional SP1 (EN)",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07217"
},
{
"db": "ZSL",
"id": "ZSL-2016-5361"
}
],
"trust": 0.63
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/zkaccess_eop.txt",
"trust": 0.1,
"type": "poc"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2016-5361"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "EXPLOIT-DB",
"id": "40323",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-07217",
"trust": 0.6
},
{
"db": "CXSECURITY",
"id": "WLB-2016080265",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "138566",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2016-5361",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2016-5361"
},
{
"db": "CNVD",
"id": "CNVD-2016-07217"
}
]
},
"id": "VAR-201609-0703",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07217"
}
],
"trust": 1.35
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07217"
}
]
},
"last_update_date": "2022-10-19T22:14:36.166000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "https://www.exploit-db.com/exploits/40323/"
},
{
"trust": 0.1,
"url": "https://cxsecurity.com/issue/wlb-2016080265"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/116486"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/138566"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2016-5361"
},
{
"db": "CNVD",
"id": "CNVD-2016-07217"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2016-5361"
},
{
"db": "CNVD",
"id": "CNVD-2016-07217"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-30T00:00:00",
"db": "ZSL",
"id": "ZSL-2016-5361"
},
{
"date": "2016-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07217"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-26T00:00:00",
"db": "ZSL",
"id": "ZSL-2016-5361"
},
{
"date": "2016-09-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-07217"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZKTeco ZKAccess Professional 3.5.3 File Privilege Escalation Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-07217"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Local,Privilege Escalation",
"sources": [
{
"db": "ZSL",
"id": "ZSL-2016-5361"
}
],
"trust": 0.1
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…