CVE-2021-32957

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

CVE-2021-32957

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

Design/Logic Flaw

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

CVE-2021-32957 MDT AutoSave Uncontrolled Search Path Element

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

CVE-2021-32957

The CVE-2021-32957 entry relates to MDT AutoSave prior to version 6.02.06, where a function used to retrieve process system information collects commands and formats results into XML and returns the full path to the executable. This creates a risk of binary hijacking (Uncontrolled Search Path Ele...

CVE-2021-32957 MDT AutoSave Uncontrolled Search Path Element

A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for a specific process, and this information collection executes multiple commands and summarizes the information into an XML. This function and subsequent process gives full path to the executable and is...

CVE-2021-38088

Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking...

Privilege escalation

Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking...

CVE-2021-38088

Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking...

TIETEN Acronis Cyber Protect 安全漏洞

TIETEN Acronis Cyber Protect is an application from TIETEN Acronis Cyber Protect TIETEN, China. provides the ability to unify your network protection by integrating backup, disaster recovery, AI-based malware protection, remote assistance, and security into a single, reliable tool. A security...

MDT AutoSave SQL注入漏洞

MDT AutoSave is a software application. It provides an automated change management function. An SQL injection vulnerability exists in MDT AutoSave where a function in the device is used to retrieve process-specific system information, which is collected by executing multiple commands and...

Microsoft Windows Unsafe Handling Practices Vulnerability

This post outlines multiple unsafe practices in Microsoft Windows that can allow for local privilege escalation. This multi-part post can be read even without a MIME-compliant program! Back in 2014, I reported a vulnerability in CreateProcess's handling of .cmd and .bat files that Microsoft fixed...

Microsoft Windows Unsafe Handling Practices

Hi @ll, This multi-part post can be read even without a MIME-compliant program! Back in 2014, I reported a vulnerability in CreateProcess's handling of .cmd and .bat files that Microsoft fixed with MS14-019 alias MSKB 2922229 and assigned CVE-2014-0315: command lines with a batch script as first...

Cisco Directory Connector Search Order Hijacking Vulnerability

A vulnerability in the search path processing of Cisco Directory Connector could allow an authenticated, local attacker to load a binary of their choosing. The vulnerability is due to uncontrolled search path elements. An attacker could exploit this vulnerability by placing a binary of their...

MS14-019 – Fixing a binary hijacking via .cmd or .bat file

Command .cmd and batch .bat files can be directly provided as input to the CreateProcess as if it is an executable. CreateProcess uses the cmd.exe automatically to run the input .cmd or .bat. Today, with the bulletin MS14-019 we are fixing a vulnerability, where in particular scenario it is...

Bloodshed Dev-C++ 4.9.9.2 Binary Hijacking Exploit

/ Exploit Title: Bloodshed Dev-C++ Binary Hijacking Exploit make.exe, mingw32-make.exe Date: August 25, 2010 Author: storm [email protected] Version: 4.9.9.2 Tested on: Windows Vista SP2 http://www.gonullyourself.org/ gcc -o make.exe Dev-C++-Binary.c gcc -o mingw32-make.exe Dev-C++-Binary....

Bloodshed Dev-C++ Binary Hijacking (make.exe, mingw32-make.exe)

Exploit for windows platform in category local exploits =============================================================== Bloodshed Dev-C++ Binary Hijacking make.exe, mingw32-make.exe =============================================================== / Exploit Title: Bloodshed Dev-C++ Binary Hijacking...