CVE-2020-13535
Kepware LinkMaster 3.0.94.0 has a privilege-escalation flaw (CVE-2020-13535) due to Incorrect Default Permissions (CWE-276). The service allows Everyone/SYSTEM-level access to change SERVICE_CONFIG, enabling a local attacker to re-point the LinkMaster service to an arbitrary executable and run wi...