Advisory Details

February 10th, 2015

Motorola Scanner SDK rsmdriverproviderservice.exe Privilege Escalation Vulnerability

ZDI-15-036
ZDI-CAN-2516

CVE ID CVE-2015-1496
CVSS SCORE 7.2, AV:L/AC:L/Au:N/C:C/I:C/A:C
AFFECTED VENDORS Motorola
AFFECTED PRODUCTS Scanner SDK
VULNERABILITY DETAILS


This vulnerability allows local attackers to execute arbitrary code with elevated privileges on vulnerable installations of Motorola Scanner SDK. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the file permissions (ACLs) on an installed directory. RSMDriverProviderService.exe is vulnerable to tampering by all users. A local attacker can leverage this vulnerability to raise privileges and execute code under the context of SYSTEM.

ADDITIONAL DETAILS Motorola has issued an update to correct this vulnerability. More details can be found at:
https://portal.motorolasolutions.com/Support/US-EN/Resolution?solutionId=87666&redirectForm=search&searchQuery=%3FsearchType%3Dsimple%26searchTerm%3Dscanner%20sdk
DISCLOSURE TIMELINE
  • 2014-09-05 - Vulnerability reported to vendor
  • 2015-02-10 - Coordinated public release of advisory
CREDIT kernelsmith - Zero Day Initiative
BACK TO ADVISORIES