3 matches found
CodeMeter < 5.20 Local Privilege Escalation Vulnerability
According to its self-reported version, the CodeMeter WebAdmin server installed on the remote host is prior to 5.20a 5.20.1458.500. It is affected by insecure read/write permissions for the 'codemeter.exe' service, which a local attacker can exploit to gain elevated privileges via a trojan horse...
CVE-2014-8419 - CodeMeter Weak Service Permissions
CodeMeter Weak Service Permissions Vendor Website : http://www.codemeter.com INDEX --------------------------------------- 1. Background 2. Description 3. Affected Products 4. Vulnerability 5. Solution 6. Credit 7. Disclosure Timeline 8. CVE 1. BACKGROUND ---------------------------------------...
CVE-2014-8419
CVE-2014-8419 affects CodeMeter Runtime prior to 5.20. The Windows service codemeter.exe is created with insecure Read/Write permissions for all users, enabling a local attacker to substitute the binary and gain SYSTEM privileges via a trojan-horse file. Several sources confirm the vulnerability ...