The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45…
mitre·CWE-732·Published 2018-09-26
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" directories, which allows local users to gain privileges, as demonstrated by inserting a Trojan horse ServiceManager.exe file into the "Web Connecton\EE40\BackgroundService" directory.
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" directories, which allows local users to gain privileges, as demonstrated by inserting a Trojan horse ServiceManager.exe file into the "Web Connecton\EE40\BackgroundService" directory.
El instalador para el componente OSPREY3_MINI en modems Alcatel de banda ancha móvil 4G EE EE40VB con firmware en versiones anteriores a la EE40_00_02.00_45 establece permisos débiles (Everyone:Full Control) para los directorios "Web Connecton\EE40" y "Web Connecton\EE40\BackgroundService", lo que permite que usuarios locales obtengan privilegios. Esto queda demostrado al insertar un archivo troyano ServiceManager.exe en el directorio "Web Connecton\EE40\BackgroundService".
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 9.3 | 8.6 | 10.0 | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| 3.0 | Primary | NVD | 7.8 | 1.8 | 5.9 | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |