Vendor: BlueSoleilCS
By:
CVSS: 7.8 (HIGH)
Unquoted Service Path
CWE: 73
Product Name: BlueSoleilCS
Affected Version From: BlueSoleilCS 5.4.277
Affected Version To: BlueSoleilCS 5.4.277
Patch Exists: NO
Related CWE:
CPE: a:ivt_corporation:bluesoleilcs:5.4.277
Metasploit:
Other Scripts:
Platforms Tested: Windows 7 Pro
2022

Bluetooth Application 5.4.277 – ‘BlueSoleilCS’ Unquoted Service Path

This software installs EDTService.exe version 11.10.2.1, which is affected by an Unquoted Service Path vulnerability. The vulnerability allows an attacker to gain elevated privileges on the system.

Mitigation:

Ensure that all services have a fully qualified path to the executable. This can be done by using the Windows Services Manager or the sc.exe command.
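
An added audit example (not part of the original advisory or the vendor's code): a Python check that reads sc qc output such as the listing on this page, flags an image path that contains spaces but is not enclosed in double quotes, and returns the quoted form. The function names are hypothetical, and rejoining a wrapped path line with a single space is an assumption.

```python
import re

# Image-path labels printed by `sc qc`: English, plus the Spanish label in this page's output.
PATH_LABELS = ("BINARY_PATH_NAME", "NOMBRE_RUTA_BINARIO")
FIELD_RE = re.compile(r"^\s*([A-Z_]{2,})\s*:\s?(.*)$")
EXE_RE = re.compile(r"(.*?\.(?:exe|com|bat|cmd))(?=\s|$)", re.IGNORECASE)

def binary_path(sc_output):
    """Extract the image path from `sc qc` text, rejoining a line-wrapped value."""
    parts, collecting = [], False
    for line in sc_output.splitlines():
        field = FIELD_RE.match(line)
        if field and collecting:
            break                       # next field reached, value is complete
        if field and field.group(1) in PATH_LABELS:
            collecting = True
            parts.append(field.group(2).strip())
        elif collecting and line.strip():
            parts.append(line.strip())  # continuation of a wrapped path (assumed)
    return " ".join(parts) if parts else None

def executable_part(image_path):
    """Split off service arguments: everything up to the first executable extension."""
    match = EXE_RE.match(image_path.strip())
    return match.group(1) if match else image_path.strip()

def is_unquoted(image_path):
    """True when the executable path contains a space and is not quoted."""
    path = image_path.strip()
    return not path.startswith('"') and " " in executable_part(path)

def quoted(image_path):
    """Return the image path with the executable part in double quotes."""
    path = image_path.strip()
    if not is_unquoted(path):
        return path
    exe = executable_part(path)
    return '"{}"{}'.format(exe, path[len(exe):])

# Sample input: lines from the `sc qc BlueSoleilCS` output on this page, wrap included.
SAMPLE = """NOMBRE_SERVICIO: BlueSoleilCS
        NOMBRE_RUTA_BINARIO: C:\\Program Files\\IVT
Corporation\\BlueSoleil\\BlueSoleilCS.exe
        GRUPO_ORDEN_CARGA  :
"""

if __name__ == "__main__":
    found = binary_path(SAMPLE)
    print(found, is_unquoted(found), quoted(found))
    # Constructed contrast case: no space in the executable path, so not flagged.
    print(is_unquoted(r"C:\Windows\system32\svchost.exe -k netsvcs"))
```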

Exploit-DB raw data:

#Exploit Title: Bluetooth Application 5.4.277 - 'BlueSoleilCS' Unquoted Service Path
#Exploit Date: 2022-02-17
#Vendor :  IVT Corp
#Version : BlueSoleilCS 5.4.277
#Vendor Homepage : www.ivtcorporation.com
#Tested on OS: Windows 7 Pro

#This software installs EDTService.exe version 11.10.2.1

#Analyze PoC :
==============
C:\>sc qc BlueSoleilCS
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: BlueSoleilCS
        TIPO               : 120  WIN32_SHARE_PROCESS (interactive)
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
        GRUPO_ORDEN_CARGA  :
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : BlueSoleilCS
        DEPENDENCIAS       : RPCSS
        NOMBRE_INICIO_SERVICIO: LocalSystem