58 matches found
JVN#35246979: ELECOM WAB-MAT registers its windows service executable with an unquoted file path
WAB-MAT provided by ELECOM CO.,LTD. is Access Point Management Tool for corporate users. WAB-MAT registers its windows service executable with an unquoted file path CWE-428. Impact If a malicious executable is placed on a certain path, it may be executed with the privilege of the Windows service...
CVE-2022-35292
In SAP Business One application when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. If the service is exploited by adversaries, it can be used to...
CVE-2022-31465
A vulnerability has been identified in Xpedition Designer VX.2.10 All versions VX.2.10 Update 13, Xpedition Designer VX.2.11 All versions VX.2.11 Update 11, Xpedition Designer VX.2.12 All versions VX.2.12 Update 5, Xpedition Designer VX.2.13 All versions VX.2.13 Update 1. The affected application...
Sytech XL Reporter 权限许可和访问控制问题漏洞
Sytech XL Reporter is a software application from Sytech Corporation. It provides all the powerful features of Excel such as charting, formatting and formulas, as well as XLReporter's industry-specific features to generate excellent reports. A local elevation of privilege vulnerability exists in...
Win911 Mobile Server Security Vulnerability
Win911 Mobile Server is a server-side program used in industrial environments to provide interactive data support for mobile apps from Win911 USA. A security vulnerability exists in Win911 Mobile Server V2.5, which can be exploited by an attacker to overwrite the service executable and execute...
McAfee Endpoint Security for Windows 10.6.1 / 10.7.0 September 2020 Update < 10.6.1 / 10.7.1 November 2020 Update Multiple Vulnerabilities (SB10335)
The version of the McAfee Endpoint Security ENS for Windows installed on the remote Windows host is affected by multiple vulnerabilities, as follows: - Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security ENS prior to 10.7.0 November 2020 Update allows...
InfoCage SiteShell installs their files with improper access permissions
Overview InfoCage SiteShell provided by NEC Corporation installs their files with improper access permissions CWE-732. Especially, the service executable files can be modified by Everyone users. NEC Corporation reported this vulnerability to IPA to notify users of its solution through JVN...
CVE-2020-7252
Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer DXL Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files...
Design/Logic Flaw
Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer DXL Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files...
CVE-2020-7252 Unquoted service executable path
Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer DXL Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files...
CVE-2019-12808
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges...
Avast Antivirus Local Denial of Service Vulnerability
Avast Antivirus is a suite of antivirus software from the Czech company Avast. A security vulnerability exists in Avast Antivirus versions prior to 19.4. The vulnerability can be exploited to bypass the Avast self-protection mechanism and rename important binary files e.g. AvastSvc.exe file,...
AMD Driver Installer and Gaming Evolved Product plays.tv Service Write File Vulnerability
AMD driver-installation packages and Gaming Evolved products are both products of AMD, Inc. AMD driver-installation packages are a set of driver installation packages for AMD graphics cards. Gaming Evolved products are game optimization products. plays.tv is one of the game recording and sharing...
SpiderControl SCADA Web Server Elevation of Privilege Vulnerability
SCADA Web Server is a software management platform. An elevation of privilege vulnerability exists in SpiderControl SCADA Web Server. An authenticated, non-administrative local user could change the service executable with elevated privileges, allowing an attacker to execute arbitrary code in the...
APC UPS Daemon Local Lift Vulnerability
Apcupsd APC UPS Daemon can be used for power management and control of most APC UPS models on Unix and Windows machines. APC UPS Daemon is vulnerable to a local privilege extraction vulnerability. It allows locally authenticated, unprivileged users to run arbitrary code with elevated privileges b...
APC UPS Daemon 3.14.14 Privilege Escalation
Credits: fragsh3ll aka Richard Young + Contact: https://twitter.com/fragsh3ll Vendor ========== http://www.apcupsd.org Product =========== APC UPS Daemon = 3.14.14 Vulnerability Type ===================== Privilege Escalation Vendor Description ===================== Apcupsd can be used for power...
AppLocker - Execution Prevention Bypass (Metasploit)
Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 'AppLocker Execution Prevention Bypass', 'Description' = %q This module will generate a .NET...
Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)
Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local Privileg Escalation Date: 02.08.07 Author: tarkus tarkus at tiifp dot org URL: https://tiifp.org/tarkus Vendor: Panda http://www.pandasoftware.com/ Affected Products: Panda Antivirus 2008 Not Affected Products: - Panda...