7 matches found
CVE-2019-15742
A local privilege-escalation vulnerability exists in the Poly Plantronics Hub before 3.14 for Windows client application. A local attacker can exploit this issue to gain elevated privileges...
Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plantronics Hub SpokesUpdateService Privilege Escalation', 'Description' = %q The Plantronics Hub client application for Windows makes use of an...
Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plantronics Hub SpokesUpdateService Privilege Escalation', 'Description' = %q The Plantronics Hub client application for Windows makes use of an...
CVE-2019-15742
CVE-2019-15742 is a local privilege-escalation vulnerability affecting Poly Plantronics Hub for Windows prior to 3.14. The flaw allows a non-privileged local attacker to gain SYSTEM-elevated privileges by abusing the SpokesUpdateService mechanism, where the update service can auto-execute a file ...
CVE-2019-15742
creationtimestamp| type| source ---|---|--- 2020-01-15 16:26:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/plantronicshubspokesupdateserviceprivesc.rb 2020-01-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/47944...
Plantronics Hub SpokesUpdateService Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plantronics Hub SpokesUpdateService Privilege Escalation', 'Description' = %q The Plantronics Hub client application for Windows makes use of an...
Plantronics Hub SpokesUpdateService Privilege Escalation
The Plantronics Hub client application for Windows makes use of an automatic update service SpokesUpdateService.exe which automatically executes a file specified in the MajorUpgrade.config configuration file as SYSTEM. The configuration file is writable by all users by default. This module has be...