Incorrect default permissions in Cradlepoint NetCloud Exchange
- Cradlepoint NetCloud Exchange Client, 1.110.50 version.
INCIBE has coordinated the publication of a high severity vulnerability affecting the NetCloud Exchange client, version 1.110.50, a unified WAN and security architecture owned by Cradlepoint, which was discovered by Alexander Huaman.
The vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and CWE vulnerability type:
- CVE-2024-11969: CVSS v3.1: 8.8 | CVSS AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | CWE-276.
The vulnerability has been fixed by the Cradlepoint team in version 57.
CVE-2024-11969: the NetCloud Exchange client for Windows, version 1.110.50, contains an insecure file and folder permissions vulnerability. A normal (non-admin) user could exploit the weakness in file and folder permissions to escalate privileges, execute arbitrary code and maintain persistence on the compromised machine.
It has been identified that full control permissions exist on the ‘Everyone’ group (i.e. any user who has local access to the operating system regardless of their privileges). In the following installation paths:
- C:Archivos de Programa\Cradlepoint\cores
- C:Archivos de programaCradlepoint\logs
- C:Archivos de programa\Cradlepoint\pTray
- C:Archivos de Programa\Cradlepoint\cores
- C:Archivos de programaCradlepoint\logs
- C:Archivos de programa\Cradlepoint\pTray
