In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable that will run with SYSTEM privileges at startup. This occurs because of "RW NT AUTHORITY\Authenticated Users" permissions for %SYSTEMDRIVE%\apcupsd\bin\apcupsd.exe.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Jun/20 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/99092 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1038707 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-06-16T13:00:00
Updated: 2017-07-06T09:57:01
Reserved: 2017-04-16T00:00:00
Link: CVE-2017-7884
JSON object: View
NVD Information
Status : Modified
Published: 2017-06-16T13:29:00.187
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-7884
JSON object: View
Redhat Information
No data.
CWE