U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2024-50592

Change History

New CVE Received from SEC Consult Vulnerability Lab 11/08/2024 8:15:03 AM

Action Type Old Value New Value
Added Description

								
							
							
						
An attacker with local access the to medical office computer can 
escalate his Windows user privileges to "NT AUTHORITY\SYSTEM" by 
exploiting a race condition in the Elefant Update Service during the 
repair or update process. When using the repair function, the service queries the server for a 
list of files and their hashes. In addition, instructions to execute 
binaries to finalize the repair process are included. The executables are executed as "NT AUTHORITY\SYSTEM" after they are 
copied over to the user writable installation folder (C:\Elefant1). This
 means that a user can overwrite either "PostESUUpdate.exe" or 
"Update_OpenJava.exe" in the time frame after the copy and before the 
execution of the final repair step. The overwritten executable is then executed as "NT AUTHORITY\SYSTEM".
Added CWE

								
							
							
						
SEC Consult Vulnerability Lab CWE-367
Added Reference

								
							
							
						
SEC Consult Vulnerability Lab https://hasomed.de/produkte/elefant/ [No types assigned]
Added Reference

								
							
							
						
SEC Consult Vulnerability Lab https://r.sec-consult.com/hasomed [No types assigned]