high
7.8
CWE
427 732
Advisory Published
Updated

CVE-2019-12133

First published: Tue Jun 18 2019(Updated: )

Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current directory upon system start. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\SYSTEM. This affects Desktop Central 10.0.380, EventLog Analyzer 12.0.2, ServiceDesk Plus 10.0.0, SupportCenter Plus 8.1, O365 Manager Plus 4.0, Mobile Device Manager Plus 9.0.0, Patch Connect Plus 9.0.0, Vulnerability Manager Plus 9.0.0, Patch Manager Plus 9.0.0, OpManager 12.3, NetFlow Analyzer 11.0, OpUtils 11.0, Network Configuration Manager 11.0, FireWall 12.0, Key Manager Plus 5.6, Password Manager Pro 9.9, Analytics Plus 1.0, and Browser Security Plus.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Zohocorp Manageengine Analytics Plus=1.0
Zohocorp Manageengine Browser Security Plus
Zohocorp Manageengine Desktop Central=10.0.380
Zohocorp Manageengine Eventlog Analyzer=12.0.2
Zohocorp Manageengine Firewall=12.0
Zohocorp Manageengine Key Manager Plus=5.6
Zohocorp Manageengine Mobile Device Manager Plus=9.0.0
Zohocorp Manageengine Netflow Analyzer=11.0
Zohocorp Manageengine Network Configuration Manager=11.0
Zohocorp Manageengine O365 Manager Plus=4.0
Zohocorp ManageEngine OpManager=12.3
Zohocorp Manageengine Oputils=11.0
Zohocorp Manageengine Password Manager Pro=9.9
Zohocorp Manageengine Patch Connect Plus=9.0.0
Zohocorp Manageengine Patch Manager Plus=9.0.0
Zohocorp Manageengine Servicedesk Plus=10.0.0
Zohocorp Manageengine Supportcenter Plus=8.1
Zohocorp Manageengine Vulnerability Manager Plus=9.0.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2019-12133?

    CVE-2019-12133 is a vulnerability that affects multiple Zoho ManageEngine products, allowing for local privilege escalation due to improper permissions.

  • Which Zoho ManageEngine products are affected by CVE-2019-12133?

    The following Zoho ManageEngine products are affected by CVE-2019-12133: ManageEngine Analytics Plus, ManageEngine Browser Security Plus, ManageEngine Desktop Central, ManageEngine Eventlog Analyzer, ManageEngine Firewall, ManageEngine Key Manager Plus, ManageEngine Mobile Device Manager Plus, ManageEngine Netflow Analyzer, ManageEngine Network Configuration Manager, ManageEngine O365 Manager Plus, ManageEngine Opmanager, ManageEngine Oputils, ManageEngine Password Manager Pro, ManageEngine Patch Connect Plus, ManageEngine Patch Manager Plus, ManageEngine Servicedesk Plus, ManageEngine Supportcenter Plus, ManageEngine Vulnerability Manager Plus.

  • What is the severity of CVE-2019-12133?

    The severity of CVE-2019-12133 is rated as high, with a severity score of 7.8.

  • How does CVE-2019-12133 work?

    CVE-2019-12133 allows attackers to escalate their privileges by exploiting the improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders in the affected Zoho ManageEngine products.

  • How can I fix CVE-2019-12133?

    To fix CVE-2019-12133, it is recommended to apply the patches or updates provided by Zoho for the affected ManageEngine products.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203