Published: 25/12/2023 Updated: 03/01/2024

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

One Identity Password Manager prior to 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the Google ReCAPTCHA section, click on the Privacy link, observe that there is a new browser window, navigate to any website that offers file upload, navigate to cmd.exe from the file explorer window, and launch cmd.exe as NT AUTHORITY\SYSTEM.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oneidentity password manager

One Identity Password Manager versions prior to 5131 suffer from a kiosk escape privilege escalation vulnerability ...

Full Disclosure mailing list archives   By Date By Thread </form>    SEC Consult SA-20231206 :: Kiosk Escape Privilege Escalation in One Identity Password Manager Secure Password Extension ...

NVD-CWE-noinfo https://www.oneidentity.com/products/password-manager/https://sec-consult.com/vulnerability-lab/advisory/kiosk-escape-privilege-escalation-one-identity-password-manager-secure-password-extension/https://nvd.nist.gov https://packetstormsecurity.com/files/176203/One-Identity-Password-Manager-Kiosk-Escape-Privilege-Escalation.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-48654

Vulnerability Summary

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect