CVE-2024-50592
CVSS V2 None
CVSS V3 None
Description
An attacker with local access the to medical office computer can
escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by
exploiting a race condition in the Elefant Update Service during the
repair or update process. When using the repair function, the service queries the server for a
list of files and their hashes. In addition, instructions to execute
binaries to finalize the repair process are included. The executables are executed as "NT AUTHORITY\SYSTEM" after they are
copied over to the user writable installation folder (C:\Elefant1). This
means that a user can overwrite either "PostESUUpdate.exe" or
"Update_OpenJava.exe" in the time frame after the copy and before the
execution of the final repair step. The overwritten executable is then executed as "NT AUTHORITY\SYSTEM".
Overview
- CVE ID
- CVE-2024-50592
- Assigner
- SEC-VLab
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-08T12:15:25.835Z
- Last Modified Date
- 2024-11-08T16:04:22.869Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://r.sec-consult.com/hasomed | third-party-advisory |
| https://hasomed.de/produkte/elefant/ | patch |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-50592 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50592 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-09 13:25:55 | Added to TrackCVE |