![netop vision pro and update clients netop vision pro and update clients](https://fasrrain135.weebly.com/uploads/1/2/5/5/125500001/685859584.jpg)
- #NETOP VISION PRO AND UPDATE CLIENTS INSTALL#
- #NETOP VISION PRO AND UPDATE CLIENTS FULL#
- #NETOP VISION PRO AND UPDATE CLIENTS SOFTWARE#
- #NETOP VISION PRO AND UPDATE CLIENTS CODE#
- #NETOP VISION PRO AND UPDATE CLIENTS TRIAL#
![netop vision pro and update clients netop vision pro and update clients](https://images.squarespace-cdn.com/content/v1/5ea7ff1376f36f31fdb81b39/1589377578260-3QD6CWUS3WXXUPFGDA97/EDU-Features-Header-Laptop_1299x749px-Retina-20160915.png)
We noticed that even information normally considered sensitive, such as Windows credentials (Figure 2) and screenshots (Figure 4), were all sent in plaintext. Our first observation, now classified as CVE-2021-27194, was that all network traffic was unencrypted with no option to turn encryption on during configuration. An overview of the first few network packets can been seen in Figure 1 below and how the teacher, student transaction begins.įigure 1: Captured network traffic between teacher and student
#NETOP VISION PRO AND UPDATE CLIENTS INSTALL#
With the initial install complete, we took a network capture on the local network and took note of the traffic between the teacher and student. Additionally, the ratio of students to teachers in a normal school environment would ensure any vulnerabilities found on the student machines would be wider spread. This difference in execution context and start up behavior led us to target the student installs, as an attacker would have a higher chance of gaining elevated system permissions if it was compromised. The teacher install executes as a normal user and does not start at boot. This is achieved by installing the Netop agent as a system service that is automatically started at boot. The student installation needs to be tamperproof and persistent to prevent students from disabling the service. Once the students have connected to the classroom the teacher can perform a handful of actions to the entire class or individual students.ĭuring this setup we also took note of the permission levels of each component. The students have no input if they want to connect or not as it is enforced by the teacher. Once a classroom has been setup, the teacher can start a class which kicks off the session by pinging each student to connect to the classroom.
#NETOP VISION PRO AND UPDATE CLIENTS FULL#
The teacher has full control and gets to choose which “classroom” the student connects to without the student’s input. The teacher first creates a “classroom” which then can choose which student PCs should connect. The three student machines were configured with non-administrator accounts in our attempt to emulate a normal installation. We placed four virtual machines on a local network three were set up as students and one was set up as a teacher.
#NETOP VISION PRO AND UPDATE CLIENTS SOFTWARE#
We began by setting up the Netop software in a normal configuration and environment. Within a few minutes of downloading the software, we were able to have it configured and running without any complications.
#NETOP VISION PRO AND UPDATE CLIENTS TRIAL#
Netop provides all software as a free trial on its website, which makes it easy for anyone to download and analyze it. However, as a result of these abnormal times, computers are being loaned to students to continue distance learning, resulting in schooling software being connected to a wide array of networks increasing the attack surface. In other words, the Netop Vision Pro Software should never be accessible from the internet in the standard configuration.
![netop vision pro and update clients netop vision pro and update clients](https://www.codework-systems.com/wp-content/uploads/chrome-classroom-management-monitor-screen.png)
Netop Vision Pro is mainly used to manage a classroom or a computer lab in a K-12 environment and is not primarily targeted for eLearning or personal devices. Netop Vision Pro allows teachers to perform tasks remotely on the students’ computers, such as locking their computers, blocking web access, remotely controlling their desktops, running applications, and sharing documents. Netop Vision Pro is a student monitoring system for teachers to facilitate student learning while using school computers. We reported this research to Netop on Decemand we were thrilled that Netop was able to deliver an updated version in February of 2021, effectively patching many of the critical vulnerabilities.
#NETOP VISION PRO AND UPDATE CLIENTS CODE#
These findings allow for elevation of privileges and ultimately remote code execution, which could be used by a malicious attacker, within the same network, to gain full control over students’ computers. Our research into this software led to the discovery of four previously unreported critical issues, identified by CVE-2021-27192, CVE-2021-27193, CVE-2021-27194 and CVE-2021-27195. The focus of this blog is on Netop Vision Pro produced by Netop. We recently investigated software installed on computers used in K-12 school districts. The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help developers provide safer products for businesses and consumers.