#NETOP VISION PRO 7 FULL#
The teacher has full control and gets to choose which “classroom” the student connects to without the student’s input. The teacher first creates a “classroom” which then can choose which student PCs should connect. The three student machines were configured with non-administrator accounts in our attempt to emulate a normal installation. We placed four virtual machines on a local network three were set up as students and one was set up as a teacher.
#NETOP VISION PRO 7 SOFTWARE#
We began by setting up the Netop software in a normal configuration and environment. Within a few minutes of downloading the software, we were able to have it configured and running without any complications. Netop provides all software as a free trial on its website, which makes it easy for anyone to download and analyze it. However, as a result of these abnormal times, computers are being loaned to students to continue distance learning, resulting in schooling software being connected to a wide array of networks increasing the attack surface.
#NETOP VISION PRO 7 PRO#
In other words, the Netop Vision Pro Software should never be accessible from the internet in the standard configuration. Netop Vision Pro is mainly used to manage a classroom or a computer lab in a K-12 environment and is not primarily targeted for eLearning or personal devices. Netop Vision Pro allows teachers to perform tasks remotely on the students’ computers, such as locking their computers, blocking web access, remotely controlling their desktops, running applications, and sharing documents. Netop Vision Pro is a student monitoring system for teachers to facilitate student learning while using school computers. We reported this research to Netop on Decemand we were thrilled that Netop was able to deliver an updated version in February of 2021, effectively patching many of the critical vulnerabilities. These findings allow for elevation of privileges and ultimately remote code execution, which could be used by a malicious attacker, within the same network, to gain full control over students’ computers. Our research into this software led to the discovery of four previously unreported critical issues, identified by CVE-2021-27192, CVE-2021-27193, CVE-2021-27194 and CVE-2021-27195. The focus of this blog is on Netop Vision Pro produced by Netop. We recently investigated software installed on computers used in K-12 school districts. The McAfee Labs Advanced Threat Research team is committed to uncovering security issues in both software and hardware to help developers provide safer products for businesses and consumers.