Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users (and low-privileged users have write access to %PROGRAMDATA%\SSCService). Consequently, low-privileged users can execute arbitrary code as LocalSystem.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.youtube.com/watch?v=3dCoV33y1WY |
History
Thu, 08 Aug 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-284 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-03-26T00:00:00
Updated: 2024-08-08T15:44:07.840Z
Reserved: 2023-12-11T00:00:00
Link: CVE-2023-50702
Vulnrichment
Updated: 2024-08-02T22:16:47.177Z
NVD
Status : Awaiting Analysis
Published: 2024-03-26T23:15:46.587
Modified: 2024-08-08T16:35:03.110
Link: CVE-2023-50702
Redhat
No data.