Privilege Escalation via Client Management Software

Posted on Posted in Exploit, Paper

Client management is a very important task in modern enterprise IT environments as all computer systems, whether client or server, should be managed throughout their entire system life cycle.

There are many client management software solutions from different vendors that support IT managers and IT administrators in client management tasks like:

  • inventory
  • patch management
  • software deployment
  • license management

As a matter of principle, in order to perform these functions, client management software requires high privileges, usually administrative rights, on the managed client and server systems. Therefore, client management software is an interesting target for attackers as vulnerabilities in this kind of software may be leveraged for privilege escalation attacks within corporate networks.

During a penetration test of client and server systems of a corporate network, the SySS GmbH could find multiple security vulnerabilities in the client management software FrontRange Desktop & Server Management (DSM) v7.2.1.2020 [1] that could be successfully exploited in a privilege escalation attack resulting in administrative privileges for the entire Windows domain.

Quelle: Exploit-DB


Part 1