Mador further explained that if a laptop using Huawei's USB device is being used by different employees-for example, one on the day shift, and another on the night shift, the night shift employee can effectively replace the legitimate mbbserviceopen file easily with malware, such as a password stealer.
"The essence of this vulnerability is that one user, even an unprivileged one, can run code as another user on a multiuser system when the dongle is inserted," Ziv Mador, VP Security Research at Trustwave SpiderLabs told BleepingComputer in an email interview. Privilege escalation attacks rely on a user with limited access to a system being able to obtain a higher level of access, in an illicit manner-such as through a vulnerability exploit, or improper permissions on shared files.īecause this particular vulnerability relies on tampering with the Huawei driver software installed on a computer, local or physical access to the computer is required, making this a case of local privilege escalation.īleepingComputer reached out to Trustwave to get some insights on the vulnerability: "All a malicious user needs to do is to replace the file with its own code and wait for a legitimate user to start using the cellular data service via Huawei device," says Rakhmanov. The mbbserviceopen file had full read/write/execute permissions for all users (Trustwave)
0 kommentar(er)
