CVSSv3.1 Score: 6.5 (Medium)
Issue Date: 2020-10-01
Updated On: 2020-10-01 (Initial Advisory)
Synopsis: Permissive access rights on the UpSlide Monitoring Service folder could lead to code execution
Advisory details
Impacted Products
UpSlide Add-In: Version 6.5.9.0 to 6.6.9.0
Introduction
Description
The UpSlide reactivation service is currently installed in a folder with permissive access rights. As a result, the service executable can be replaced with another executable by a user who does not have administrator rights on the computer.
Known Attack Vectors
Successful exploitation of this issue may allow an attacker to gain privileged access to the computer, because the replaced executable runs with the privileges of a Windows service.
Resolution
To fix the issue, the reactivation service should be moved to another folder with restricted rights. This can be achieved in two ways:
1. The existing reactivation service can be moved to a restricted folder using a script that impacted clients have received
2. A new UpSlide installer could be generated and provided to you for deployment
- This installer removes the previous service and installs a new version of the service in a folder separate from the UpSlide installation folder.
- This folder will have restricted access.
Either option achieves the same outcome. We recommend that you start (1) immediately and wait for us to contact you for (2). We are working through our affected clients systematically. Contact your account owner if you would like a status update on your specific package.
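The condition described above (a service binary sitting in a folder that low-privileged users can write to) can be audited across all services on a machine. The following PowerShell snippet is an added example and not UpSlide's remediation script; it assumes the listed principals are the ones you consider low-privileged and that it is run from an elevated prompt so every service's image path and ACL can be read. It flags both the folder (file replacement) and the binary itself (overwrite), which also confirms that a fix such as the one above has taken effect.

```powershell
# Added audit example, not UpSlide's own script. Run from an elevated prompt.

# Principals treated as low-privileged (assumed list; add domain groups as needed).
$LowPrivPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Rights that let a user replace or overwrite the service binary.
$FSR = [System.Security.AccessControl.FileSystemRights]
$WriteRights = [int]($FSR::Write -bor $FSR::Modify -bor $FSR::FullControl -bor
                     $FSR::Delete -bor $FSR::DeleteSubdirectoriesAndFiles)

# Extract the executable path from a Win32_Service PathName such as
#   "C:\Program Files\Vendor\svc.exe" -arg   or   C:\Path\svc.exe -k group
function Get-ServiceExePath([string]$PathName) {
    $p = [Environment]::ExpandEnvironmentVariables($PathName)
    if ($p -match '^\s*"([^"]+)"')        { return $Matches[1] }
    if ($p -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return ($p -split '\s+')[0]
}

$findings = foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    $exe = Get-ServiceExePath $svc.PathName
    if ([string]::IsNullOrEmpty($exe)) { continue }
    $dir = Split-Path -Path $exe -Parent
    # Check the folder (file replacement) and the binary itself (overwrite).
    foreach ($target in @($dir, $exe)) {
        if ([string]::IsNullOrEmpty($target) -or -not (Test-Path -LiteralPath $target)) { continue }
        try { $acl = Get-Acl -LiteralPath $target } catch { continue }
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($LowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band $WriteRights) -eq 0) { continue }
            [pscustomobject]@{
                Service   = $svc.Name
                RunsAs    = $svc.StartName
                Path      = $target
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
            }
        }
    }
}

# Every row is a service whose binary a low-privileged account could swap;
# the fix is the one the advisory describes: move the binary to a restricted folder.
$findings | Sort-Object Service, Path | Format-Table -AutoSize
```

An empty result after applying option (1) or (2) confirms that the reactivation service no longer appears in a writable location.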
Fix introduced in
UpSlide Add-In: Version 6.6.10.3
Change Log
2020-10-01 UPS-2020-001: Initial Security Advisory
2020-10-02 UPS-2020-001: Details added
Contact
If you have any questions regarding this vulnerability, please contact UpSlide support via email: support@upslide.net
If you want to report a vulnerability in UpSlide products, please contact security@upslide.net