The windows installer agent used in affected product contains incorrect use of privileged APIs that trigger the Windows Console Host (conhost.exe) as a child process with SYSTEM privileges. Session Hijack vulnerability in Deprecated VMware Enhanced Authentication Plug-in could allow a malicious actor with unprivileged local access to a windows operating system can hijack a privileged EAP session when initiated by a privileged domain user on the same system.Ī vulnerability has been identified in Unicam FX (All versions). Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data. Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access. Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access. This issue has been patched in version 4.0.4. This impacts any installer built with the WiX installer framework. be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges. An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |