CVE-2024-27674

Macro Expert through 4.9.4 allows BUILTIN\Users:OICIM access to the "%PROGRAMFILESX86%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary...

PT-2024-21987

Name of the Vulnerable Software and Affected Versions Macro Expert versions 4.9.4 and earlier Description The issue allows an unprivileged user to escalate to SYSTEM by replacing the MacroService.exe binary due to improper access control. The "%PROGRAMFILESX86%GrassSoftMacro Expert" folder has...

CVE-2024-27674

CVE-2024-27674 affects Macro Expert (

Macro Expert 4.9 - Unquoted Service Path

Exploit Title: Macro Expert 4.9 - Unquoted Service Path Date: 04/06/2023 Exploit Author: Murat DEMIRCI Vendor Homepage: http://www.macro-expert.com/ Software Link: http://www.macro-expert.com/product/gmsetup4.9.exe Version: 4.9 Tested on: Windows 10 Proof of Concept : C:\Users\Muratsc qc "Macro...

Macro Expert 4.0 - Multiple Privilege Escalations

Exploit for windows platform in category local exploits Exploit Title: Macro Expert 4.0 Multiple Elevation of Privilege Date: 26/09/2016 Exploit Author: Tulpa Contact: email protected Author website: www.tulpa-security.com Vendor Homepage: http://www.macro-expert.com/ Software Link:...