2 matches found
CVE-2020-13535
A privilege escalation vulnerability exists in Kepware LinkMaster 3.0.94.0. In its default configuration, an attacker can globally overwrite service configuration to execute arbitrary code with NT SYSTEM privileges...
CVE-2020-13535
Kepware LinkMaster 3.0.94.0 has a privilege-escalation flaw (CVE-2020-13535) due to Incorrect Default Permissions (CWE-276). The service allows Everyone/SYSTEM-level access to change SERVICE_CONFIG, enabling a local attacker to re-point the LinkMaster service to an arbitrary executable and run wi...