[H8] cak_ store ACL set via bare icacls (PATH search) from SYSTEM -> LPE; silent weaker store on failure #22

Open
opened 2026-06-05 17:35:59 -07:00 by azcomputerguru · 0 comments

Severity: High

Component(s): agent

Affected file(s):

  • agent/src/credential_store.rs (~lines 309/345)

Problem:
The cak_ store ACL is set by shelling out to a bare icacls (PATH search) from a SYSTEM context, enabling local privilege escalation if icacls.exe is hijacked, and it silently falls back to a weaker store on failure.

Recommended fix:
Use the absolute path C:\Windows\System32\icacls.exe or the Win32 SetNamedSecurityInfoW API, and verify the ACL.

Remediation phase: P3

From the 2026-06-05 three-way review (Claude+Gemini+Grok) — see reports/review-2026-06-05/SYNTHESIS-three-way.md (finding H8) and REMEDIATION-PLAN.md (P3).

**Severity:** High **Component(s):** agent **Affected file(s):** - `agent/src/credential_store.rs` (~lines 309/345) **Problem:** The `cak_` store ACL is set by shelling out to a bare `icacls` (PATH search) from a SYSTEM context, enabling local privilege escalation if `icacls.exe` is hijacked, and it silently falls back to a weaker store on failure. **Recommended fix:** Use the absolute path `C:\Windows\System32\icacls.exe` or the Win32 `SetNamedSecurityInfoW` API, and verify the ACL. **Remediation phase:** P3 From the 2026-06-05 three-way review (Claude+Gemini+Grok) — see reports/review-2026-06-05/SYNTHESIS-three-way.md (finding H8) and REMEDIATION-PLAN.md (P3).
azcomputerguru added the severity:highcomponent:agentsecurity labels 2026-06-05 17:36:00 -07:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: azcomputerguru/guru-connect#22