2024-04-03 00:00:00
mitre
PUBLISHED
Macro Expert through 4.9.4 allows BUILTINUsers:(OI)(CI)(M) access to the "%PROGRAMFILES(X86)%GrassSoftMacro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary.