| Title | Intelbras InControl 2.21.56 Unquoted Service Path via "incontrolWebcam" Service |
|---|
| Description | Title: Unquoted Service Path via "incontrolWebcam" service.
An "Unquoted Service Path" vulnerability has been identified in InControl software version 2.21.56. This vulnerability allows a local attacker with limited permissions on the system to execute a malicious binary with elevated privileges, potentially compromising the integrity of the system.
When downloading and installing version 2.21.56 of InControl, the following command was run to list the services configured to start automatically on the system, excluding those located in the default Windows directory:
wmic service get name,pathname,displayname,startmode | findstr /i auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
This command allowed us to identify services whose executable path is not properly enclosed in quotation marks. The "incontrolWebcam" service was highlighted in the output:
sc qc "incontrolWebcam"
[SC] QueryServiceConfig ÊXITO
NOME_DO_SERVIÇO: incontrolWebcam
TIPO : 10 WIN32_OWN_PROCESS
TIPO_DE_INÍCIO : 2 AUTO_START
CONTROLE_DE_ERRO : 1 NORMAL
NOME_DO_CAMINHO_BINÁRIO : C:\Program Files (x86)\intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service.exe
GRUPO_DE_ORDEM_DE_CARREG. :
MARCA : 0
NOME_PARA_EXIBIÇÃO : Incontrol Webcam
DEPENDÊNCIAS :
NOME_DO_INÍCIO_DO_SERVIÇO : LocalSystem |
|---|
| Source | https://www.intelbras.com/pt-br/software-de-gerenciamento-de-controle-de-acesso-incontrol-web |
|---|
| User | Stux (UID 40142) |
|---|
| Submission | 06/10/2024 14:16 (2 years ago) |
|---|
| Moderation | 06/17/2024 18:52 (7 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 268822 [Intelbras InControl 2.21.56 incontrolWebcam Service unquoted search path] |
|---|
| Points | 20 |
|---|
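
The check in the Description above, as an added example that is not part of the original submission or of Intelbras code: it parses the `sc qc` output shown on the page, lists the paths Windows resolves before the intended image when the path is unquoted, the directories whose write permissions should be reviewed, and the quoted form to register instead. The function names `binary_path` and `audit` are hypothetical, and the resolution order assumes the documented `CreateProcess` handling of unquoted command lines.

```python
import ntpath
import re

# Constructed sample: two fields copied from the page's Portuguese-locale `sc qc` output.
SC_QC_OUTPUT = r"""
NOME_DO_SERVIÇO: incontrolWebcam
NOME_DO_CAMINHO_BINÁRIO : C:\Program Files (x86)\intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service.exe
"""

# The field label depends on the Windows display language: English, then the
# Portuguese label that appears on the page.
PATH_LABELS = ("BINARY_PATH_NAME", "NOME_DO_CAMINHO_BINÁRIO")


def binary_path(sc_qc_text):
    """Return the raw binary path value from `sc qc` output, or None."""
    for line in sc_qc_text.splitlines():
        label, sep, value = line.partition(":")
        if sep and label.strip() in PATH_LABELS:
            return value.strip()
    return None


def audit(pathname):
    """Return (at_risk, earlier_candidates, dirs_to_review, quoted_form)."""
    if pathname.startswith('"'):
        return False, [], [], pathname
    # Image path = text up to the first ".exe"; anything after it is arguments.
    m = re.match(r"(?i)(.*?\.exe)(?=\s|$)(.*)", pathname)
    image, args = (m.group(1), m.group(2)) if m else (pathname, "")
    # With no quotes, each space-delimited prefix plus ".exe" is tried as the
    # program name before the intended image is reached.
    candidates = [image[:i] + ".exe" for i, ch in enumerate(image) if ch == " "]
    # Standard users must not be able to create files in these directories.
    dirs = sorted({ntpath.dirname(c) for c in candidates})
    return bool(candidates), candidates, dirs, f'"{image}"{args}'


if __name__ == "__main__":
    at_risk, candidates, dirs, fixed = audit(binary_path(SC_QC_OUTPUT))
    print("unquoted path with spaces:", at_risk)
    for c in candidates:
        print("  resolved before the real image:", c)
    for d in dirs:
        print("  review write ACL on:", d)
    print("quoted form to register:", fixed)
```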