cve-2019-12731

Privilege Escalation in Snapview Mikogo

Title: Privilege Escalation in Snapview Mikogo
Product: Mikogo
Vulnerable Version: < 5.10.2
Fixed Version: 5.10.2
CVE Number: CVE-2019-12731
Impact: High
Homepage: https://www.mikogo.com/

The screen sharing software Mikogo by Snapview is affected by a privilege escalation vulnerability that allows any user with access to a workstation on which Mikogo is installed to escalate their privileges and issue arbitrary commands in the context of the SYSTEM user. The vendor provides patched versions of the software, which should be installed immediately.

Product Description

Mikogo is a desktop sharing solution that is ideal for web conferencing, online presentations and remote maintenance. With Mikogo, you can share your screen content with up to 25 participants over the Internet - whatever you see, your participants will see!
Mikogo offers a quick and easy solution for anyone who wants to collaborate online. Mikogo eliminates the need for on-site visits when the same task can be solved online via desktop sharing.

Source (translated): https://www.mikogo.de/downloads/docs/mikogo-product-description.pdf

Vulnerability Description

On Windows systems, the installed Mikogo screen sharing software allows a local user to escalate their privileges to the SYSTEM level, effectively resulting in local administrative privileges.
The local Mikogo service client component runs with SYSTEM privileges. When the user starts the Mikogo GUI component, it inherits SYSTEM privileges from the service component. The GUI component allows the user to access arbitrary files and to execute other programs, which in turn inherit SYSTEM privileges. An attacker can exploit this vulnerability to escalate their privileges to administrative level.

Proof of Concept

N/A

Solution / Workaround

The reported vulnerability is fixed in software versions 5.10.2 and above. It is recommended to update existing software installations immediately.
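
A host audit for the two conditions described above, as an added example that is not part of the advisory or the vendor's tooling: it flags installs older than the fixed version 5.10.2 and lists SYSTEM-owned processes running inside a user session. The "Mikogo" DisplayName match and the function names are assumptions made for illustration.

```powershell
# Added example (not from the advisory or the vendor).
# Assumption: the installer's Uninstall entry has a DisplayName containing "Mikogo".
$FixedVersion  = [version]'5.10.2'   # fixed version stated in the advisory
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Test-VulnerableVersion {
    param([string]$DisplayVersion)
    # Use only the leading dotted-numeric part, e.g. "5.10.1 (build 7)" -> 5.10.1.
    if ($DisplayVersion -notmatch '^\s*(\d+(\.\d+){1,3})') { return $null }  # unparseable
    return ([version]$Matches[1]) -lt $FixedVersion
}

function Get-MikogoInstall {
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Mikogo*' } |
        ForEach-Object {
            [pscustomobject]@{
                Name       = $_.DisplayName
                Version    = $_.DisplayVersion
                Vulnerable = Test-VulnerableVersion $_.DisplayVersion  # $null = check by hand
            }
        }
}

function Get-SystemProcessInUserSession {
    # Session 0 is reserved for services. A process owned by LocalSystem (SID S-1-5-18)
    # in any other session sits on a user's desktop. winlogon.exe and csrss.exe are
    # expected there; anything else needs review. Run elevated to resolve all owners.
    Get-CimInstance -ClassName Win32_Process |
        Where-Object { $_.SessionId -ne 0 } |
        ForEach-Object {
            $owner = Invoke-CimMethod -InputObject $_ -MethodName GetOwnerSid -ErrorAction SilentlyContinue
            if ($owner -and $owner.Sid -eq 'S-1-5-18') {
                [pscustomobject]@{
                    Name = $_.Name; ProcessId = $_.ProcessId
                    Session = $_.SessionId; Path = $_.ExecutablePath
                }
            }
        }
}

Get-MikogoInstall | Format-Table -AutoSize
Get-SystemProcessInUserSession | Format-Table -AutoSize
```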