PrivescCheck
Unhandled error when accessing WMI object database file
In the SCCM NAA credential check, the WMI object database file is accessed directly without first making sure that it is accessible. This may result in an unhandled error when access is denied for whatever reason.
```
┏━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ CATEGORY ┃ TA0006 - Credential Access                        ┃
┃ NAME     ┃ Credentials - SCCM Network Access Account (NAA)   ┃
┃ TYPE     ┃ Base                                              ┃
┣━━━━━━━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┫
┃ Check whether SCCM NAA credentials are stored in the WMI     ┃
┃ repository. If so, the username and password DPAPI blobs are ┃
┃ returned, but can only be decrypted using the SYSTEM's DPAPI ┃
┃ user key.                                                    ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
Select-String : The file C:\windows\System32\wbem\Repository\OBJECTS.DATA cannot be read: Access to the path
'C:\windows\System32\wbem\Repository\OBJECTS.DATA' is denied.
At line:597 char:23
+ ... andidates = Select-String -Path $Path -Pattern "$($BasePattern)`0`0$( ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (:) [Select-String], ArgumentException
    + FullyQualifiedErrorId : ProcessingFile,Microsoft.PowerShell.Commands.SelectStringCommand
```
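One way to guard a file search like the one in the error above, as an added example that is not PrivescCheck's own code. The function name `Search-FileGuarded`, the sample pattern and the temporary file are assumptions made for illustration; an exclusive lock stands in for the access-denied condition.

```powershell
# Added example: hypothetical helper, not taken from PrivescCheck.
function Search-FileGuarded {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $Pattern
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        Write-Verbose "File not found: $Path"
        return
    }

    # Probe read access first. FileShare.ReadWrite lets the probe succeed
    # even when another process already has the file open for writing.
    try {
        $Stream = [System.IO.File]::Open($Path, 'Open', 'Read', 'ReadWrite')
        $Stream.Dispose()
    }
    catch {
        Write-Verbose "Cannot read '$Path': $($_.Exception.Message)"
        return
    }

    # Select-String reports an unreadable file as a non-terminating error,
    # so try/catch only sees it when -ErrorAction Stop is set. The probe
    # above can still pass and this call fail, hence the second handler.
    try {
        Select-String -LiteralPath $Path -Pattern $Pattern -ErrorAction Stop
    }
    catch {
        Write-Verbose "Search failed on '$Path': $($_.Exception.Message)"
    }
}

# Constructed demo: a temporary file locked exclusively, then released.
$Tmp = [System.IO.Path]::GetTempFileName()
Set-Content -LiteralPath $Tmp -Value 'constructed sample line'
$Lock = [System.IO.File]::Open($Tmp, 'Open', 'ReadWrite', 'None')
try {
    "Matches while locked: $(@(Search-FileGuarded -Path $Tmp -Pattern 'sample' -Verbose).Count)"
}
finally {
    $Lock.Dispose()
}
"Matches after unlock: $(@(Search-FileGuarded -Path $Tmp -Pattern 'sample').Count)"
Remove-Item -LiteralPath $Tmp
```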