2 matches found
CVE-2019-12808
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges...
CVE-2019-12808
CVE-2019-12808 affects ALTOOLS update service (version 18.1 and earlier). The root cause is insecure file permissions that allow an attacker to overwrite an executable that is launched as a service, enabling local privilege escalation to SYSTEM. The available documents confirm the vulnerability a...