4 matches found
CVE-2025-66266
CVE-2025-66266 concerns the RupsMon.exe service executable in UPSilon 2000. The vulnerability stems from insecure permissions that grant the Everyone group Full Control, enabling a local attacker to replace the binary with a malicious one to execute code with SYSTEM privileges or to alter the ser...
CVE-2025-66266 Insecure SYSTEM Service Permissions in UPSilon2000V6.0 (RupsMon.exe) leading to trivial Local Privilege Escalation
The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; startin...
MegaTec UPSilon2000 安全漏洞
MegaTec UPSilon2000 is an uninterruptible power supply UPS monitoring and control software from Taiwan, China-based MegaTec. A security vulnerability exists in MegaTec UPSilon2000 that stems from an insecure privilege that could lead to elevated privileges...
MegaTec UPSilon2000 安全漏洞
MegaTec UPSilon2000 is an uninterruptible power supply UPS monitoring and control software from Taiwan, China-based MegaTec. A security vulnerability exists in MegaTec UPSilon2000 that stems from an unquoted service path that could lead to elevation of privilege...