26 matches found
CVE-2021-47780
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...
CVE-2021-47780
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...
Macro Expert code issue vulnerabilities
Macro Expert is a robotics process automation software developed by Macro Expert Corporation. Version 4.7 of Macro Expert contains a code vulnerability; this vulnerability stems from service paths that are not enclosed in quotes, which may allow for the execution of arbitrary code...
CVE-2021-47780
Macro Expert 4.7 is affected by an unquoted service path vulnerability, enabling local users to potentially execute arbitrary code with LocalSystem privileges during service startup. Root cause: improperly configured service path. Impact is high (local exploit). Remediation: ensure the service pa...
CVE-2021-47780 Macro Expert 4.7 - Unquoted Service Path
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...
CVE-2021-47780
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...
CVE-2021-47780 Macro Expert 4.7 - Unquoted Service Path
Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...
CVE-2024-27674
Macro Expert through 4.9.4 allows BUILTIN\Users:OICIM access to the "%PROGRAMFILESX86%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary...
CVE-2024-27674
Macro Expert through 4.9.4 allows BUILTIN\Users:OICIM access to the "%PROGRAMFILESX86%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary...
CVE-2024-27674
Macro Expert through 4.9.4 allows BUILTIN\Users:OICIM access to the "%PROGRAMFILESX86%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary...
Macro Expert 安全漏洞
Macro Expert is a robotic process automation software from Macro Expert. A security vulnerability exists in Macro Expert 4.9.4 and prior versions that originates from allowing access to the GrassSoftMacro Expert folder, where an unprivileged user can upgrade MacroService to the SYSTEM .exe binary...
CVE-2024-27674
Macro Expert through 4.9.4 allows BUILTIN\Users:OICIM access to the "%PROGRAMFILESX86%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary...
PT-2024-21987
Name of the Vulnerable Software and Affected Versions Macro Expert versions 4.9.4 and earlier Description The issue allows an unprivileged user to escalate to SYSTEM by replacing the MacroService.exe binary due to improper access control. The "%PROGRAMFILESX86%GrassSoftMacro Expert" folder has...
CVE-2024-27674
CVE-2024-27674 affects Macro Expert (
CVE-2024-27674
Macro Expert through 4.9.4 allows BUILTIN\Users:OICIM access to the "%PROGRAMFILESX86%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary...
Macro Expert 4.9 - Unquoted Service Path Vulnerability
Exploit Title: Macro Expert 4.9 - Unquoted Service Path Exploit Author: Murat DEMIRCI Vendor Homepage: http://www.macro-expert.com/ Software Link: http://www.macro-expert.com/product/gmsetup4.9.exe Version: 4.9 Tested on: Windows 10 Proof of Concept : C:\Users\Muratsc qc "Macro Expert" SC...
Macro Expert 4.9 Unquoted Service Path
Exploit Title: Macro Expert 4.9 - Unquoted Service Path Date: 04/06/2023 Exploit Author: Murat DEMIRCI Vendor Homepage: http://www.macro-expert.com/ Software Link: http://www.macro-expert.com/product/gmsetup4.9.exe Version: 4.9 Tested on: Windows 10 Proof of Concept : C:\Users\Muratsc qc "Macro...
Macro Expert 4.9 - Unquoted Service Path
Exploit Title: Macro Expert 4.9 - Unquoted Service Path Date: 04/06/2023 Exploit Author: Murat DEMIRCI Vendor Homepage: http://www.macro-expert.com/ Software Link: http://www.macro-expert.com/product/gmsetup4.9.exe Version: 4.9 Tested on: Windows 10 Proof of Concept : C:\Users\Muratsc qc "Macro...
Macro Expert 4.7 - Unquoted Service Path Vulnerability
Exploit Title: Macro Expert 4.7 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 3.11.8 Vendor Homepage: http://www.macro-expert.com/ Tested on: Windows 10 C:\Users\Mertsc qc "Macro Expert" SC QueryServiceConfig SUCCESS SERVICENAME: Macro Expert TYPE : 10 WIN32OWNPROCESS STARTTYPE : 2...
Macro Expert 4.7 - Unquoted Service Path
Exploit Title: Macro Expert 4.7 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 4.7 Date: 20.10.2021 Vendor Homepage: http://www.macro-expert.com/ Tested on: Windows 10 C:\Users\Mertsc qc "Macro Expert" SC QueryServiceConfig SUCCESS SERVICENAME: Macro Expert TYPE : 10 WIN32OWNPROCESS...