CVE-2024-27715

Vulnerability

A privilege escalation vulnerability exists in Eskooly Free Online School management Software version 3.0 and earlier. The password change mechanism fails to verify the user's current (old) password, requiring only the entry of a new password and its confirmation [1]. This allows an attacker with access to an authenticated session to bypass password verification entirely.

Exploitation

To exploit this issue, an attacker must have access to the victim's currently active browser session (e.g., the victim left their session open on a shared or unattended device) [1]. The attacker can then navigate to the password change functionality and directly set a new password without being prompted for the existing password [1]. No authentication beyond the captured session is needed.

Impact

Successful exploitation allows the attacker to change the victim's password, leading to full account takeover. The attacker gains access to all stored credentials and sensitive data within the Eskooly application, potentially enabling identity theft, unauthorized access to connected services, and significant data breaches [1]. The impact is rated as High because the application stores critical and sensitive data [1].

Mitigation

The vendor has not yet released a patch for this vulnerability. The recommended mitigation is to enhance the password update process by requiring users to input their current password before setting a new one, which adds a crucial verification layer [1]. Organizations should monitor for updates from Eskooly and restrict access to sessions to mitigate risk until a fix is available.