YubiKey Manager Privilege Escalation Let Attacker Perform Admin Functions

5 April 2024

YubiKey Manager GUI on Windows before version 1.2.6 has a vulnerability that could allow an attacker to escalate privileges. Due to a limitation in Windows, it requires administrator privileges to interact with FIDO authenticators. An attacker can exploit this by tricking a user into running the YubiKey Manager GUI with administrator rights.

Source: GBHackers

Date:

5 April 2024

Categorie(s):

NEWS

Tag(s):

Admins, Cyber Security News, Functions, Let, Security Pro

McAfee Dominates AV-Comparatives PC Performance Test3 May 2024
Preparation: The Less Shiny Side of Incident Response – Joe Gross – ESW #3603 May 2024
Critical GitLab account takeover flaw added to CISA’s KEV Catalog2 May 2024
Microsoft, Google do a victory lap around passkeys2 May 2024
Understanding Scattered Spider, and how they perform cloud-centric identity attacks2 May 2024