QwikSec

Security Database

CVE

CWE

Training

CVE-2020-25507

Published: Dec 28, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An incorrect permission assignment during the installation script of TeamworkCloud 18.0 thru 19.0 allows a local unprivileged attacker to execute arbitrary code as root. During installation, the user is instructed to set the system enviroment file with world writable permissions (0777 /etc/environment). Any local unprivileged user can execute arbitrary code simply by writing to /etc/environment, which will force all users, including root, to execute arbitrary code during the next login or reboot. In addition, the entire home directory of the twcloud user at /home/twcloud is recursively given world writable permissions. This allows any local unprivileged attacker to execute arbitrary code, as twcloud. This product was previous named Cameo Enterprise Data Warehouse (CEDW).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://docs.nomagic.com/display/TWCloud190/Installation+on+Linux+using+scripts

x_refsource_MISC

https://github.com/sickcodes/security/blob/master/advisories/SICK-2020-002.md

x_refsource_MISC

https://sick.codes/sick-2020-002/

x_refsource_MISC

https://community.nomagic.com/finding-and-fixing-wrong-file-permission-twc-installation-t7165.html

x_refsource_CONFIRM

https://sick.codes/finding-a-vulnerability-in-teamwork-cloud-server-nomagic-3ds-which-is-used-by-gov-enterprise-to-design-rockets-missiles-and-satellites

x_refsource_MISC

https://web.archive.org/web/20201219155833/https://docs.nomagic.com/pages/viewpage.action?pageId=20846937

x_refsource_MISC

https://web.archive.org/web/20201219095507/https://docs.nomagic.com/display/TWCloud185SP1/Installation+on+Centos+7.

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.