[local] ASUS Control Center Express 01.06.15 - Unquoted Service Path
2024-4-2 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:2 收藏

# Exploit Title: ASUS Control Center Express 01.06.15 - Unquoted Service Path
Privilege Escalation
# Date: 2024-04-02
# Exploit Author: Alaa Kachouh
# Vendor Homepage:
https://www.asus.com/campaign/ASUS-Control-Center-Express/global/
# Version: Up to 01.06.15
# Tested on: Windows
# CVE: CVE-2024-27673

===================================================================
ASUS Control Center Express Version =< 01.06.15 contains an unquoted
service path which allows attackers to escalate privileges to the system
level.
Assuming attackers have write access to C:\, the attackers can abuse the
Asus service "Apro console service"/apro_console.exe which upon restarting
will invoke C:\Program.exe with SYSTEM privileges.

The binary path of the service alone isn't susceptible, but upon its
initiation, it will execute C:\program.exe as SYSTEM.

Service Name: AProConsoleService
binary impacted: apro_console.exe

# If a malicious payload is inserted into C:\  and service is executed in
any way, this can grant privileged access to the system and perform
malicious activities.
            

文章来源: https://www.exploit-db.com/exploits/51939
如有侵权请联系:admin#unsafe.sh