Attackers with local access to the medical office computer can
escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by
overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is
writable for all users. In addition, the Elefant installer registers two
Firebird database services which are running as “NT AUTHORITY\SYSTEM”.
Path: C:\Elefant1\Firebird_2\bin\fbserver.exe
Path: C:\Elefant1\Firebird_2\bin\fbguard.exe
Both service binaries are user writable. This means that a local
attacker can rename one of the service binaries, replace the service
executable with a new executable, and then restart the system. Once the
system has rebooted, the new service binary is executed as "NT
AUTHORITY\SYSTEM".
References
Configurations
No configuration.
History
08 Nov 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
Summary |
|
08 Nov 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-08 12:15
Updated : 2024-11-08 19:01
NVD link : CVE-2024-50590
Mitre link : CVE-2024-50590
CVE.ORG link : CVE-2024-50590
JSON object : View
Products Affected
No product.