CVE-2024-10526

The provided data confirms CVE-2024-10526 affects Rapid7 Velociraptor MSI Installer before version 0.73.3. The issue stems from the installer creating the installation directory with WRITE_DACL permissions for BUILTIN\Users, enabling non-admin local users to grant themselves Full Control on Veloc...

PT-2024-16343 · Rapid7 · Rapid7 Velociraptor Msi Installer

Name of the Vulnerable Software and Affected Versions: Rapid7 Velociraptor MSI Installer versions prior to 0.73.3 Description: The issue arises from the Rapid7 Velociraptor MSI Installer creating the installation directory with WRITE DACL permission to the BUILTINUsers group. This allows local...

Kubernetes sets incorrect permissions on Windows containers logs

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs...

CVE-2024-5321

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs...

CVE-2024-5321 Incorrect permissions on Windows containers logs

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs...

SUSE CVE-2021-29951

The Mozilla Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating if an attacker spammed the 'Stop' command; but also...

CVE-2020-24307

An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:M is present...

PowerHuntShares - Audit Script Designed In Inventory, Analyze, And Report Excessive Privileges Configured On Active Directory Domains

PowerHuntShares is design to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intented to help IAM and other blue teams gain a better understand of their SMB Share attack surface and provides data insights t...

Design/Logic Flaw

An issue was discovered in TitanFTP aka Titan FTP NextGen before 1.2.1050. When installing, Microsoft SQL Express 2019 installs by default with an SQL instance running as SYSTEM with BUILTIN\Users as sysadmin, thus enabling unprivileged Windows users to execute commands locally as NT...

Privilege Escalation

thunderbird is vulnerable to privilege escalation.The maintenance service grants SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service...

Security Vulnerabilities fixed in Thunderbird 78.10.1 — Mozilla

The Maintenance Service granted SERVICESTART access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating if an attacker spammed the 'Stop' command; but also exposed atta...

CVE-2020-27992

Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILESX86%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users...

HomeGuard Pro 9.3.1 - Insecure Folder Permissions

Exploit Title: HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/hg-pro/exe/HomeGuardPro-Setup.exe Version 9.3.1 Tested On: Windows 10 32-bit HomeGuard Pro v9.3.1 - Unquoted...

CVE-2018-18519

BestXsoftware Best Free Keylogger before 6.0.0 allows local users to gain privileges via a Trojan horse "%PROGRAMFILES%\BFK 5.2.9\syscrb.exe" file because of insecure permissions for the BUILTIN\Users group...

Macro Expert 4.0 - Multiple Privilege Escalations

Exploit for windows platform in category local exploits Exploit Title: Macro Expert 4.0 Multiple Elevation of Privilege Date: 26/09/2016 Exploit Author: Tulpa Contact: email protected Author website: www.tulpa-security.com Vendor Homepage: http://www.macro-expert.com/ Software Link:...

IPass Control Pipe - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'IPass Control Pipe Remote Command Execution', 'Description' = %q This module exploits a vulnerability in the IPass Client service...

IPass Control Pipe Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'IPass Control Pipe Remote Command Execution', 'Description' = %q This module exploits a vulnerability in the IPass Client service...

Rising Antivirus 2009 Privilege Escalation

No description provided by source. Application: Rising Antivirus 2009 Platforms: Windows XP Professional SP2 Exploitation: Privilege Escalation Date: 2009-10-26 Author: Francis Provencher Protek Research Lab's 1 Introduction 2 Technical details 3 The Code N/A =============== 1 Introduction...