File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path

vendor:

File Sanitizer for HP ProtectTools

by:

SamAlucard

7.8

CVSS

HIGH

Unquoted Service Path

CWE

Product Name: File Sanitizer for HP ProtectTools

Affected Version From: File Sanitizer for HP ProtectTools 5.0.1.3

Affected Version To: File Sanitizer for HP ProtectTools 5.0.1.3

Patch Exists: NO

Related CWE:

CPE: a:hewlett-packard:file_sanitizer_for_hp_protecttools

Metasploit:

Other Scripts:

Platforms Tested: Windows 7 Pro

2022

File Sanitizer for HP ProtectTools 5.0.1.3 – ‘HPFSService’ Unquoted Service Path

The vulnerability exists due to an unquoted service path in the HPFSService service. A local attacker can exploit this vulnerability to gain elevated privileges on the affected system.

Mitigation:

Ensure that all service paths are properly quoted. Additionally, ensure that all services are running with the least privileges necessary.

Source

Exploit-DB raw data:

#Exploit Title:  File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path
#Exploit Author : SamAlucard
#Exploit Date: 2022-02-14
#Vendor :  Hewlett-Packard(HP)
#Version : File Sanitizer for HP ProtectTools 5.0.1.3
#Vendor Homepage : http://www.hp.com
#Tested on OS: Windows 7 Pro

#Analyze PoC :
==============

C:\>sc qc HPFSService
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: HPFSService
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Hewlett-Packard\File
Sanitizer\HPFSService.exe
        GRUPO_ORDEN_CARGA  : File System
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : File Sanitizer for HP ProtectTools
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem