Описание
Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem.
Ссылки
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:realtimelogic:barracudadrive:6.5:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
8.8 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732
Связанные уязвимости
github
больше 3 лет назад
Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem.
EPSS
Процентиль: 9%
0.00032
Низкий
8.8 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732