Fortra For Windows Vulnerability Let Attackers Escalate Privilege

Fortra’s Robot Schedule Enterprise Agent permits a low-privileged user to elevate privileges to the local system level.  The problem arises from the agent’s failure to adequately secure its service executable, which an attacker can exploit by swapping out the executable for a malicious one. As a result, the malicious code will run with elevated privileges when the service restarts, allowing unauthorized access to the system.

Source: GBHackers

 


Date:

Categorie(s):