An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTINUsers:(M) is present.
Weakness
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mremoteng | Mremoteng | 1.76.20 (including) | 1.76.20 (including) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/122.html
- https://cwe.mitre.org/data/definitions/233.html
- https://cwe.mitre.org/data/definitions/58.html
References
- https://github.com/NyaMeeEain/Infrastructure-Assessment/blob/master/Privilege%20Escalation/Common%20Windows%20Privilege%20Escalation.md
- https://github.com/mRemoteNG/mRemoteNG/issues/2338
- https://packetstormsecurity.com/files/170794/mRemoteNG-1.76.20-Privilege-Escalation.html
- https://github.com/NyaMeeEain/Infrastructure-Assessment/blob/master/Privilege%20Escalation/Common%20Windows%20Privilege%20Escalation.md
- https://github.com/mRemoteNG/mRemoteNG/issues/2338
- https://packetstormsecurity.com/files/170794/mRemoteNG-1.76.20-Privilege-Escalation.html