Executive Summary

This vulnerability in the Bizerba Communication Server (BCS) is due to an unquoted service path in the Windows registry. Because the executable path for the BCS service is not enclosed in quotes, Windows may misinterpret the path and execute malicious programs with system privileges. This can allow an attacker to run unauthorized code on the affected system. [1]

Useful 0 Not Useful 0

Impact Analysis

The vulnerability can allow a local attacker with low privileges to execute malicious programs with elevated system privileges. This can lead to a complete compromise of the affected system, impacting confidentiality, integrity, and availability of data and services. [1]

Useful 0 Not Useful 0

Detection Guidance

You can detect this vulnerability by checking if the Bizerba Communication Server (BCS) service executable path in the Windows registry is unquoted. Specifically, inspect the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BCS\ImagePath to see if the path is enclosed in quotes. A common command to check this on a Windows system is using PowerShell: Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\BCS' -Name ImagePath. If the path is not enclosed in quotes, the system is vulnerable. [1]

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation involves editing the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BCS\ImagePath to enclose the service executable path in quotes. This prevents Windows from misinterpreting the path and executing malicious programs. The definitive solution is to update the Bizerba Communication Server software to version 5.02 or later, which contains the fix. [1]

Useful 0 Not Useful 0