VDE-2024-053
Vulnerability from csaf_lenzese - Published: 2024-09-03 08:00 - Updated: 2025-03-13 11:30
Summary
Lenze: Install Directory with insufficient permissions
Notes
Summary: The following tools:
* VisiWinNET Smart
* VisiWinNET Professional
* EASY UI Designer
create a directory with insufficient permissions, allowing a low-level user the ability to add and modify certain files that hold SYSTEM privileges, which could lead to privilege escalation.
Impact: The vulnerability allows a low-level user to escalate privileges to SYSTEM, which could lead to full system compromise.
Mitigation: Only use this tool in a protected and controlled environment to minimize network impact and to ensure that the tool is inaccessible from outside. In addition, the use of firewalls is recommended to reduce the attack surface, especially towards the internet and the internal business network.
Remediation: Lenze has released version 1.6.1 of the EASY UI Designer tool, which fixes the identified security vulnerability. The other two tools are no longer recommended for new applications and are being prepared for discontinuation.
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The "%PROGRAMFILES(X86)%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version.
CVSS v3.1 base score: 7.8 (High)
Mitigation
Only use this tool in a protected and controlled environment to minimize network impact and to ensure that the tool is inaccessible from outside. In addition, the use of firewalls is recommended to reduce the attack surface, especially towards the internet and the internal business network.
Vendor Fix
Lenze has released version 1.6.1 of the EASY UI Designer tool, which fixes the identified security vulnerability. The other two tools are no longer recommended for new applications and are being prepared for discontinuation.
References
Acknowledgments
CERT@VDE
certvde.com
Lenze SE
www.lenze.com/en-us
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"organization": "Lenze SE",
"summary": "reporting",
"urls": [
"https://www.lenze.com/en-us"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "The following tools:\n* VisiWinNET Smart\n* VisiWinNET Professional\n* EASY UI Designer \ncreate a directory with insufficient permissions, allowing a low-level user the ability to add and modify certain files that hold SYSTEM privileges, which could lead to privilege escalation.",
"title": "Summary"
},
{
"category": "description",
"text": "The vulnerability allows a low-level user to escalate privileges to SYSTEM, which could lead to full system compromise.",
"title": "Impact"
},
{
"category": "description",
"text": "Only use this tool in a protected and controlled environment to minimize network impact and to ensure that the tool is inaccessable from outside. In addition, the use of firewalls is recommended to reduce the attack surface, specially to the internet and the internal business network.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Lenze has released version 1.6.1 of the EASY UI Designer tool, which fixes the identified security vulnerability. The other two tools are no longer recommended for new applications and are being prepared for discontinuation.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@lenze.com",
"name": "Lenze SE",
"namespace": "https://www.lenze.com"
},
"references": [
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Lenze SE",
"url": "https://certvde.com/en/advisories/vendor/lenze/"
},
{
"category": "self",
"summary": "VDE-2024-053: Lenze: Install Directory with insufficient permissions - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-053"
},
{
"category": "self",
"summary": "VDE-2024-053: Lenze: Install Directory with insufficient permissions - CSAF",
"url": "https://lenze.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-053.json"
}
],
"title": "Lenze: Install Directory with insufficient permissions",
"tracking": {
"aliases": [
"VDE-2024-053"
],
"current_release_date": "2025-03-13T11:30:00.000Z",
"generator": {
"date": "2025-03-19T15:02:53.134Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.21"
}
},
"id": "VDE-2024-053",
"initial_release_date": "2024-09-03T08:00:00.000Z",
"revision_history": [
{
"date": "2024-08-21T07:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2024-11-06T11:27:01.000Z",
"number": "2",
"summary": "Fix: correct certvde domain, added self-reference"
},
{
"date": "2025-03-13T11:30:00.000Z",
"number": "3",
"summary": "Fix: product version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EASY UI Designer",
"product": {
"name": "Lenze EASY UI Designer",
"product_id": "CSAFPID-11001"
}
},
{
"category": "product_name",
"name": "VisiWinNET Smart",
"product": {
"name": "Lenze VisiWinNET Smart",
"product_id": "CSAFPID-11002"
}
},
{
"category": "product_name",
"name": "VisiWinNET Professional",
"product": {
"name": "Lenze VisiWinNET Professional",
"product_id": "CSAFPID-11003"
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Firmware vers:all/*",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "\u003c1.6.0",
"product": {
"name": "Firmware \u003c1.6.0",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version",
"name": "1.6.1",
"product": {
"name": "Firmware 1.6.1",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Lenze"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c1.6.0 installed on Lenze EASY UI Designer",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Lenze VisiWinNET Smart",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware vers:all/* installed on Lenze VisiWinNET Professional",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 1.6.1 installed on Lenze EASY UI Designer",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-31468",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The \"%PROGRAMFILES(X86)%\\INOSOFT GmbH\" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only use this tool in a protected and controlled environment to minimize network impact and to ensure that the tool is inaccessable from outside. In addition, the use of firewalls is recommended to reduce the attack surface, specially to the internet and the internal business network.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Lenze has released version 1.6.1 of the EASY UI Designer tool, which fixes the identified security vulnerability. The other two tools are no longer recommended for new applications and are being prepared for discontinuation.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003"
]
}
],
"title": "CVE-2023-31468"
}
]
}