A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with resul...
6.6CVSS
6.6AI Score
0.0004EPSS
Splashtop Streamer through 3.4.8.3 creates a Temporary File in a Directory with Insecure Permissions.
7.8CVSS
7.5AI Score
0.0004EPSS
The MSI installer for Splashtop Streamer for Windows before 3.5.8.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM by placing a wevtutil.exe file in the folder.
7.8CVSS
7.2AI Score
0.0004EPSS