CVE-2023-29838

Vulnerability

SyncApp version 19.0.3.0, developed by Botkind/Siber Systems, contains an insecure permission vulnerability in the SyncService.exe executable. The service runs with SYSTEM privileges, but the executable file permissions allow any local user to modify or replace it [1][2]. This misconfiguration enables privilege escalation.

Exploitation

A local attacker with standard user privileges can replace or modify SyncService.exe with a malicious binary. When the service restarts (e.g., on system reboot or manual restart), the malicious code executes with SYSTEM privileges [2]. No additional authentication or user interaction is required beyond local access.

Impact

Successful exploitation grants the attacker full SYSTEM-level privileges, leading to complete compromise of the affected system. The attacker can execute arbitrary code, install programs, access sensitive data, and create new accounts with elevated rights [1][2].

Mitigation

As of the publication date, no official patch has been released by Botkind/Siber Systems. The vendor has not acknowledged the issue or provided a fixed version. Users should restrict local access to trusted users and consider removing the service if not needed. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog.