Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for “Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe,” which allows local users to gain privileges via a Trojan horse file.
CPE | Name | Operator | Version |
---|---|---|---|
btoe_connector | le | 2.3.0 |