[+] CVE ID: Pending - CVE-2017-14972 [+] Credits: Brett DeWall aka @xbadbiddyx & Joshua Platz aka Binary1985 @joshuaplatz [+] Websites: https://github.com/badbiddy & https://github.com/binary1985 [+] Source: https://raw.githubusercontent.com/badbiddy/Vulnerability-Disclosure/master/InFocus%20Mondopad%20%3C%202.2.08%20-%20CVE-2017-14972 Vendor: ========================== InFocus https://www.infocus.com/ Product: =========== InFocus Mondopad Version: 2.2.08 Mondopad is an elegant all-in-one touchscreen collaboration system for efficient face-to-face collaboration with people anywhere. Video conference, whiteboard, share data, etc. Vulnerability Type: ========================== Authentication Bypass Vulnerability Details: ===================== InFocus Mondopad is vulnerable to an authentication bypass vulnerability. An unauthenticated user can break out of Kiosk mode and access sensitive PIN protected files by opening a new task and specifying the local path where file are stored. Replication: ===================== 1) Upload file to Mondopad. -Unable to access file due to not knowing access pin. 2) Application allows for CTRL+ALT+DEL - Using task manager an individual is able to navigate to the folder the files are being held within without a access pin. Remediation Details: ===================== Prevent users from exiting the application without supplying administrative credentials. Timeline: ===================== 2017-09-29 - Issue Reported to Vendor [+] Disclaimer The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information or exploits by the author or elsewhere. badbiddy