12 matches found
CVE-2022-50693
Affected software: Splashtop 8.71.12001.0. Vulnerability: unquoted service path in the Splashtop Software Updater Service, allowing local attackers to inject malicious executables and escalate privileges via the unquoted path at C:\Program Files (x86)\Splashtop\Splashtop Software Updater. Root ca...
CVE-2022-50693 Splashtop 8.71.12001.0 - Unquoted Service Path
Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\Splashtop\Splashtop Software Updater\ to inject...
EUVD-2020-4743
Malware in sbrugna...
CVE-2023-3181
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...
CVE-2020-12431
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...
CVE-2023-3181
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...
CVE-2023-3181 Insecure Permissions in Splashtop Software Updater
The C:\Program Files x86\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Tempnsu.tmp and copies itself to it as Au.exe. The C:\Windows\Tempnsu.tmp\Au.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI...
Splashtop 8.71.12001.0 - Unquoted Service Path
Exploit Title: Splashtop 8.71.12001.0 - Unquoted Service Path Date: 12/20/2022 Exploit Author: A.I. hernandez Version: 8.71.12001.0 Vendor Homepage: https://www.splashtop.com Version: current version Tested on: Windows 10 21H2 Step to discover Unquoted Service Path: C:\wmic service get...
CVE-2020-12431
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...
CVE-2020-12431
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...
Privilege escalation
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...
CVE-2020-12431
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with...