Microsoft Exchange Mailbox Assistants 15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path

vendor:

Microsoft Exchange Server

by:

Antonio Cuomo

5.5

CVSS

MEDIUM

Unquoted Service Path

428

CWE

Product Name: Microsoft Exchange Server

Affected Version From: 15.0.847.40

Affected Version To: 15.0.847.40

Patch Exists: NO

Related CWE:

CPE: a:microsoft:exchange_server:15.0.847.40

Metasploit:

Other Scripts:

Platforms Tested: Windows

2022

Microsoft Exchange Mailbox Assistants 15.0.847.40 – ‘Service MSExchangeMailboxAssistants’ Unquoted Service Path

The Microsoft Exchange Mailbox Assistants service (MSExchangeMailboxAssistants) in version 15.0.847.40 has an unquoted service path vulnerability, which allows an attacker to potentially escalate privileges on the system.

Mitigation:

The vendor has not released a patch for this vulnerability. To mitigate the risk, users are advised to ensure that the service path is properly quoted.

Source

Exploit-DB raw data:

# Exploit Title: Microsoft Exchange Mailbox Assistants  15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path
# Exploit Author: Antonio Cuomo (arkantolo)
# Exploit Date: 2022-04-11
# Vendor : Microsoft
# Version : 15.0.847.40
# Tested on OS: Microsoft Exchange Server 2013 SP1

#PoC :
==============

C:\>sc qc MSExchangeMailboxAssistants
[SC] QueryServiceConfig OPERAZIONI RIUSCITE

NOME_SERVIZIO: MSExchangeMailboxAssistants
        TIPO                      : 10  WIN32_OWN_PROCESS
        TIPO_AVVIO                : 2   AUTO_START
        CONTROLLO_ERRORE          : 1   NORMAL
        NOME_PERCORSO_BINARIO     : C:\Program Files\Microsoft\Exchange Server\V15\Bin\MSExchangeMailboxAssistants.exe
        GRUPPO_ORDINE_CARICAMENTO : 
        TAG                       : 0
        NOME_VISUALIZZATO         : Microsoft Exchange Mailbox Assistants
        DIPENDENZE                :
        SERVICE_START_NAME : LocalSystem