Posts

Showing posts with the label Privilege Escalation

CVE-2019-17421 Privilege Escalation Vulnerability In Zoho's OpManager & Firewall Analyzer

Image
Target 🎯 Vendor 🏭
ManageEngine which is a division in Zoho Corp. creates IT management software and tools. The company is a major player in IT management with over 90 tools, and 3 million users served in over 190 countries.
Products 💿 Two of ManageEngine's popular products are it's network firewall analyzer and network monitoring software respectively named ManageEngine Firewall Analyzer and ManageEngine OpManager. Vulnerability CVE-2019-17421 affects both (and possibly more) of these products.
Vulnerability ⚡ After I set these programs as my research targets, I installed their free trial version, and began mapping out the attack surface. The first thing I noticed is that the program runs as root. This is great for our purposes as this means any local vulnerability will lead to LPE (Local Privilege Escalation). To achieve my goal of finding a security bug, I am no longer limited to only the remotely accessible attack surface.

Next, I found the program defaultly installs it…