CVERadar

CVE-2024-50590

Medium Severity

SVRS

30/100

CVSSv3

NA/10

EPSS

0.00021/1

CVE-2024-50590 is a local privilege escalation vulnerability in Elefant, a medical office software, where attackers can gain SYSTEM level access. Local attackers can overwrite service binaries due to weak permissions, leading to arbitrary code execution. This flaw allows attackers with local access to escalate their privileges on the Windows system.

The vulnerability exists because the Elefant installation directory, "C:\Elefant1," is writable by all users, and the Firebird database services run as “NT AUTHORITY\SYSTEM”. By replacing the service executable, a local attacker can execute arbitrary code with the highest privileges after a reboot. The SVRS score is 30, indicating a moderate risk that should be addressed, despite not being considered critical, it still represents a significant security concern if local access is compromised. Successfully exploiting this vulnerability grants attackers complete control over the affected system. This underscores the importance of restricting write access to program directories and implementing robust permission controls.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT

CVE Details

Access comprehensive CVE information instantly

Real-time Tracking

Subscribe to CVEs and get instant updates

Exploit Analysis

Monitor related APT groups and threats

IOC Tracking

Analyze and track CVE-related IOCs

News

CVE-2024-50590 | Hasomed Elefant 1.4.2.1811/24.03.03 fbserver.exe default permission

vuldb.com2024-11-09

CVE-2024-50590 | Hasomed Elefant 1.4.2.1811/24.03.03 fbserver.exe default permission | A vulnerability has been found in Hasomed Elefant 1.4.2.1811/24.03.03 and classified as critical. This vulnerability affects unknown code of the file C:\Elefant1\Firebird_2\bin\fbserver.exe. The manipulation leads to incorrect default permissions. This vulnerability was named CVE-2024-50590. The attack needs to be approached locally. There is no exploit available

vuldb.com

rss

forum

news

Social Media

Vulmon Vulnerability Feed

@VulmonFeeds

2024-11-08

CVE-2024-50590 Local Privilege Escalation via Writable Elefant Service Binaries Local attackers can gain higher privileges on a medical office computer by changing certain Elefant service files. These files have ... https://t.co/q6hHPgwmGq

Affected Software

No affected software found for this CVE

References

Reference	Link
551230F0-3615-47BD-B7CC-93E92E730BBF	https://hasomed.de/produkte/elefant/
551230F0-3615-47BD-B7CC-93E92E730BBF	https://r.sec-consult.com/hasomed
GITHUB	https://r.sec-consult.com/hasomed

CWE Details

CWE ID	CWE Name	Description
CWE-732	Incorrect Permission Assignment for Critical Resource	The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
CWE-250	Execution with Unnecessary Privileges	The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
CWE-276	Incorrect Default Permissions	During installation, installed file permissions are set to allow anyone to modify those files.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence