Security Advisory

CVE-2023-50702

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-26 00:00:00

Last updated 2024-08-08 15:44:07

Assigner mitre

State PUBLISHED

Description

Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users (and low-privileged users have write access to %PROGRAMDATA%SSCService). Consequently, low-privileged users can execute arbitrary code as LocalSystem.

← Browse all CVEs View on cve.org ↗