Vulnerabilities

CVE-2021-31771

by Fred · 06/07/2021

Splinterware System Scheduler Professional version 5.30 is subject to insecure folders permissions issue impacting where the service ‘WindowsScheduler’ calls its executable. This allow a non-privileged user to execute arbitrary code with elevated privileges (system level privileges as "nt authoritysystem") since the service runs as Local System.

Date published : 2021-07-06

http://splinterware.com

https://packetstormsecurity.com/files/162540/Splinterware-System-Scheduler-Professional-5.30-Privilege-Escalation.html

Similar

Tags: Cybersecurity Alert