CVE-2022-39959

Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a...

CVE-2023-31468

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...

CVE-2023-31468

An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 Runtime RT7.3 RC3 20221209.5. The "%PROGRAMFILESX86%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM. 2024-1 is a fixed version...

Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key

// source: https://www.securityfocus.com/bid/182/info The default ACL over the HKEYLocalMachine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon key "System" value includes an entry for Server Operators:Special. The Special setting allows Server Ops to "Set" this value. A malicious System...

Microsoft Windows NT 4.04.0 SP14.0 SP24.0 SP34.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key

Microsoft Windows NT 4.04.0 SP14.0 SP24.0 SP34.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key // source: https://www.securityfocus.com/bid/182/info The default ACL over the HKEYLocalMachine\Software\Microsoft\Windows NT\CurrentVersion\Winlogon key "System" value include...