Vendor: Magic Mouse 2 Utilities
By: SamAlucard
CVSS: 7.8 (HIGH)
Unquoted Service Path
CWE: 73
Product Name: Magic Mouse 2 Utilities
Affected Version From: 2.20
Affected Version To: 2.20
Patch Exists: NO
Related CWE: N/A
CPE: a:magic_utilities_pty:magic_mouse_2_utilities:2.20
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 Home
2020

Magic Mouse 2 utilities 2.20 – ‘magicmouse2service’ Unquoted Service Path

A vulnerability exists in Magic Mouse 2 utilities 2.20, where the 'magicmouse2service' service is installed with an unquoted service path. This could allow an authenticated local attacker to gain elevated privileges on the system.

Mitigation:

Ensure that all service paths are properly quoted. Additionally, ensure that all services are running with the least privileges necessary.
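
One way to apply the mitigation above, as an added example that is not part of the advisory or the Exploit-DB entry: a PowerShell audit that reads each Win32 service's ImagePath from the registry, flags values that are unquoted and contain a space, and prints the quoted replacement. The function name, the -Fix switch and the sample path are assumptions made for this example.

```powershell
# Added example: audit (and optionally correct) unquoted service paths.
# Without -Fix the script only reports. -Fix is this script's own switch and
# needs an elevated prompt because it writes under HKLM.
param([switch]$Fix)

function Get-QuotedImagePath {
    # Returns the quoted form of an unquoted ImagePath that contains a space,
    # or $null when the value needs no change.
    param([string]$ImagePath)
    if ([string]::IsNullOrWhiteSpace($ImagePath)) { return $null }
    if ($ImagePath.TrimStart().StartsWith('"')) { return $null }   # already quoted
    # Split the executable (up to the first ".exe") from any trailing arguments.
    if ($ImagePath -notmatch '^(?<exe>.+?\.exe)(?<tail>\s.*)?$') { return $null }
    $exe, $tail = $Matches['exe'], $Matches['tail']
    if ($exe -notmatch '\s') { return $null }                      # no space, no ambiguity
    '"{0}"{1}' -f $exe, $tail
}

# Constructed sample (not a real product path): unquoted, with spaces and an argument.
Get-QuotedImagePath 'C:\Program Files (x86)\Example Vendor\ExampleSvc.exe -run'

# Live audit of the local machine. Nothing is enumerated where HKLM: is unavailable.
$root = 'HKLM:\SYSTEM\CurrentControlSet\Services'
foreach ($key in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
    # Type 0x10 / 0x20 are Win32 services (the "10 WIN32_OWN_PROCESS" line in sc qc);
    # kernel and file-system drivers are skipped.
    if (-not ($key.GetValue('Type', 0) -band 0x30)) { continue }

    # Read the raw value so %SystemRoot%-style variables are preserved on write-back.
    $raw    = $key.GetValue('ImagePath', $null, 'DoNotExpandEnvironmentNames')
    $quoted = Get-QuotedImagePath $raw
    if (-not $quoted) { continue }

    [pscustomobject]@{
        Service   = $key.PSChildName
        Account   = $key.GetValue('ObjectName')   # e.g. LocalSystem
        ImagePath = $raw
        Quoted    = $quoted
    }

    if ($Fix) {
        Set-ItemProperty -Path $key.PSPath -Name ImagePath -Value $quoted -Type ExpandString
    }
}
```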

Exploit-DB raw data:

#Exploit Title: Magic Mouse 2 utilities  2.20 - 'magicmouse2service' Unquoted Service Path
#Exploit Author : SamAlucard
#Exploit Date: 2020-11-07
#Vendor : Magic Utilities Pty
#Version : 64-bit 2.20
#Vendor Homepage : https://magicutilities.net/magic-mouse/home
#Tested on OS: Windows 10 Home


#Analyze PoC :
==============

C:\>sc qc "magicmouse2service"
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: magicmouse2service
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Magic Mouse 2 -
Utilities\MagicMouse2Service.exe
        GRUPO_ORDEN_CARGA  :
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : Magic Mouse 2 Service
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem