September 20, 2018Swati Khandelwal
A high-severity vulnerability has been discovered in 4G-based wireless
4GEE Mini modem sold by mobile operator EE that could allow an attacker
to run a malicious program on a targeted computer with the highest level
of privileges in the system.
The vulnerability—discovered by 20-year-old Osanda Malith, a Sri
Lankan security researcher at ZeroDayLab—can be exploited by a low
privileged user account to escalate privileges on any Windows computer
that had once connected to the EE Mini modem via USB.
This, in turn, would allow an attacker to gain full system access to the
targeted remote computer and thereby, perform any malicious actions,
such as installing malware, rootkits, keylogger, or stealing personal
information.
4G Mini WiFi modem is manufactured by Alcatel and sold by EE, a mobile
operator owned by BT Group— Britain’s largest digital communications
company that serves over 31 million connections across its mobile, fixed
and wholesale networks.
How Does the Attack Work?
The local privilege escalation flaw, tracked as CVE-2018-14327, resides
in the driver files installed by EE 4G Mini WiFi modem on a Windows
system and originates because of folder permissions, allowing any low
privileged user to “read, write, execute, create, delete do anything
inside that folder and it’s subfolders.”
For successful exploitation of the vulnerability, all an attacker or
malware just needs to do is replace “ServiceManager.exe” file from the
driver folder with a malicious file to trick the vulnerable driver into
executing it with higher SYSTEM privileges after reboot.
Malith also posted a video demonstration showing that how attackers can
exploit this flaw to escalate their privileges on a Windows machine to
gain a reverse shell.
“An attacker can plant a reverse shell from a low privileged user account and by restarting the computer, the malicious service will be started as “NT AUTHORITY\SYSTEM” by giving the attacker full system access to the remote PC,” he explains in his blog.
Patch Your 4G Wi-Fi Mini Modems
The researcher reported the vulnerability to EE and Alcatel in July, and the company acknowledged the issue and rolled out a firmware patch earlier this month to address the vulnerability.
ATTENTION: Click Here To Get Over $100,000 Money Transfer Through Bank Transfer Hackers!!!
ATTENTION: Get Your Hacked Western Union MTCN Transfer and Cash Out Over $2500 within minutes!!!
ATTENTION: Click Here For Your Blank/Cloned ATM Cards for ATM Cashout and Online Purchase!!!
If you own a G-based wireless 4GEE Mini modem from EE, you are advised
to update the firmware modem to the latest “EE40_00_02.00_45” version
and remove previous vulnerable versions.
Follow these simple steps to update your 4GEE Mini modem to the latest patch update:
- Go to your router’s default gateway: http://192.168.1.1.
- Click on the “Check for Update” to update your firmware.
- Once updated to the patched software version EE40_00_02.00_45, remove the previously installed software version from your computer.
For more details on the vulnerability, you can head on to Malith’s blog, and the detailed advisory released by ZeroDayLab.