97 matches found
CVE-2024-42051
The MSI installer for Splashtop Streamer for Windows before 3.6.2.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by replacing InstRegExp.reg...
PT-2024-29711 · Splashtop · Splashtop Streamer
Name of the Vulnerable Software and Affected Versions: Splashtop Streamer for Windows versions prior to 3.6.2.0 Description: The MSI installer for Splashtop Streamer for Windows uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges...
CVE-2024-42053
The MSI installer for Splashtop Streamer for Windows before 3.6.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a version.dll file in the folder...
Splashtop Streamer 安全漏洞
Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.7.0.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...
CVE-2024-42053
The CVE concerns Splashtop Streamer for Windows prior to version 3.6.0.0. The MSI installer creates a temporary folder with weak permissions, allowing a local attacker to place a malicious version.dll and escalate to SYSTEM during installation. Affected component: MSI installer for Windows; root ...
CVE-2024-42050
The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProviderInst.reg...
CVE-2024-42052
The CVE-2024-42052 issue concerns the MSI installer for Splashtop Streamer for Windows prior to version 3.5.8.0. The installer uses a temporary folder with weak permissions during installation, allowing a local user to escalate privileges to SYSTEM by placing a wevtutil.exe file in that folder. A...
PT-2024-29713 · Splashtop · Splashtop Streamer
Name of the Vulnerable Software and Affected Versions: Splashtop Streamer for Windows versions prior to 3.6.0.0 Description: The issue concerns the MSI installer for Splashtop Streamer for Windows, which uses a temporary folder with weak permissions during installation. This weakness can be...
CVE-2024-42052
The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder...
CVE-2024-42050
The CVE-2024-42050 entry concerns Splashtop Streamer for Windows. The vulnerability stems from the MSI installer creating a temporary folder with weak permissions during installation, enabling a local user to escalate privileges to SYSTEM by triggering an oplock on CredProvider_Inst.reg. Affected...
Splashtop Streamer 安全漏洞
Splashtop Streamer is a remote access and remote support software from Splashtop USA. A security vulnerability exists in Splashtop Streamer prior to version 3.6.2.0, which originates from the MSI installer using a temporary folder with weak privileges during installation. An attacker could exploi...
PT-2024-29712 · Splashtop · Splashtop Streamer
Name of the Vulnerable Software and Affected Versions: Splashtop Streamer for Windows versions prior to 3.5.8.0 Description: The issue concerns the MSI installer for Splashtop Streamer for Windows, which uses a temporary folder with weak permissions during installation. A local user can exploit...
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks. According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident "began with the exploitatio...
Why ransomware gangs love using RMM tools—and how to stop them
One of the most alarming trends our ThreatDown Intelligence team has noticed lately is the increased exploitation of legitimate Remote Monitoring and Management RMM tools by ransomware gangs in their attacks. RMM software, such as AnyDesk, Atera, and Splashtop, are essential for IT administrators...
Remote Monitoring & Management software used in phishing attacks
Remote Monitoring & Management RMM software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these same tools have caught the eye of cybercriminals, who exploit them to...
CVE-2023-3181
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...
CVE-2023-3181
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...
Design/Logic Flaw
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...
CVE-2023-3181 Insecure Permissions in Splashtop Software Updater
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...
CVE-2023-3181 Insecure Permissions in Splashtop Software Updater
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...