6 matches found
CVE-2023-50702
Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users and low-privileged users have write access to %PROGRAMDATA%\SSCService. Consequently, low-privileged users can execute arbitrary code as LocalSystem...
CVE-2023-50702
Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users and low-privileged users have write access to %PROGRAMDATA%\SSCService. Consequently, low-privileged users can execute arbitrary code as LocalSystem...
CVE-2023-50702
Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users and low-privileged users have write access to %PROGRAMDATA%\SSCService. Consequently, low-privileged users can execute arbitrary code as LocalSystem...
CVE-2023-50702
The CVE-2023-50702 entry concerns Sikka SSCWindowsService v5 (2023-09-14). It describes a flaw where the service runs a program as LocalSystem but grants write permissions to %PROGRAMDATA%\SSCService for low-privilege users, enabling them to execute arbitrary code with LocalSystem privileges. Con...
PT-2024-13955 · Sikka · Sikka Sscwindowsservice
Name of the Vulnerable Software and Affected Versions: Sikka SSCWindowsService version 5 2023-09-14 Description: The issue allows low-privileged users to execute arbitrary code as LocalSystem due to full control being granted to them. This is possible because low-privileged users have write acces...
CVE-2023-50702
Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users and low-privileged users have write access to %PROGRAMDATA%\SSCService. Consequently, low-privileged users can execute arbitrary code as LocalSystem...