CVE-2023-53954

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...

CVE-2023-53954

CVE-2023-53954 concerns ActFax 10.10, which has an unquoted service path in the ActiveFaxServiceNT service. According to multiple sources, attackers with write access to Program Files can inject a malicious ActSrvNT.exe and, when the service restarts, achieve elevated system access. The vulnerabi...

CVE-2023-53954 ActFax 10.10 Unquoted Path Services Privilege Escalation Vulnerability

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to...

ActFax 10.10 - Unquoted Path Services

Exploit Title: ActFax 10.10 - Unquoted Path Services Date: 22/03/2023 Exploit Author: Birkan ALHAN @taftss Vendor Homepage: https://www.actfax.com Software Link: https://www.actfax.com/en/download.html Version: Version 10.10, Build 0551 2023-02-01 Tested on: Windows 10 21H2 OS Build 19044.2728...

ActiveFax Server 6.92 Build 0316 - ActiveFaxServiceNT Unquoted Service Path

ActiveFax Server 6.92 Build 0316 - ActiveFaxServiceNT Unquoted Service Path Exploit Title : ActiveFax Server 6.92 Build 0316 - 'ActiveFaxServiceNT' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor Homepage: https://www.actfax.com/ Software Link :...