CVE-2023-27793

Vulnerability

IXP Data Easy Install version 6.6.14884.0 stores the local Administrator password insecurely using base64 encoding rather than strong encryption. This weak encoding is applied to sensitive credential data within the application's local storage. The vulnerability is identified as CVE-2023-27793 [1]. No special configuration is required; the weak encoding is part of the default application behavior.

Exploitation

A local attacker with access to the affected system can extract the base64-encoded string from the application's configuration files or memory. The attacker does not require prior authentication to the Easy Install service, only local file system read permissions. Decoding the base64 string directly reveals the plaintext local Administrator password [1].

Impact

Successful exploitation allows the attacker to obtain the local Administrator password, leading to a full compromise of the local system. This can be used to escalate privileges from a low-privileged user to SYSTEM or Administrator, and potentially move laterally across the enterprise if the same password is reused [1].

Mitigation

IXP Data has not published a specific patch for CVE-2023-27793, but the vendor was informed and the vulnerability disclosure recommends not using base64 encoding for sensitive data. As a workaround, organizations should implement strong encryption for stored credentials, monitor local file access, and apply the principle of least privilege to local user accounts. The affected version is v6.6.14884.0 [1].