CVE-2017-3210

Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the...

CVE-2017-3210 Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution

Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the...

CVE-2017-3210

The CVE-2017-3210 issue affects Portrait Displays SDK services where pdiservice.exe runs with NT AUTHORITY/SYSTEM permissions and is writable by all Authenticated Users, enabling local privilege escalation. Affected applications include Portrait Display SDK-based tools such as Fujitsu DisplayView...

Portrait Display SDK Service Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Privilege Escalation due to insecure service configuration product: Portrait Display SDK Service vulnerable version: mutliple, see PoC fixed version: multiple, see soluti...