CVE-2022-48227

Vulnerability

Acuant AsureID Sentinel versions prior to 5.2.149 contain a privilege escalation vulnerability. After installation of AssureID, Identify x64, and Identify x86, the software opens Notepad. This behavior is unintended and can be leveraged by an attacker to gain elevated privileges. The issue is tracked as CORE-7361 and affects all versions before 5.2.149 [1].

Exploitation

An attacker with local access to a system where Acuant AsureID Sentinel (pre-5.2.149) is installed can exploit this vulnerability. The attacker must be able to interact with the system after the installation process completes. When Notepad is opened, it runs with the privileges of the installer (typically SYSTEM or Administrator). The attacker can then use Notepad's file open dialog or other mechanisms to execute arbitrary code with those elevated privileges.

Impact

Successful exploitation allows an attacker to elevate their privileges to the level of the installer (e.g., SYSTEM or Administrator). This can lead to full compromise of the affected system, including unauthorized access to sensitive data, installation of malware, or persistent control.

Mitigation

Acuant has released version 5.2.149 to address this issue. Users should upgrade to this version or later. No workarounds are documented. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date.