2

[local] ASUS Control Center Express 01.06.15 - Unquoted Service Path

 1 month ago
source link: https://www.exploit-db.com/exploits/51939
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

ASUS Control Center Express 01.06.15 - Unquoted Service Path

EDB-ID:

51939

EDB Verified:

Exploit:

  /  

Platform:

Windows

Date:

2024-04-02

Vulnerable App:

# Exploit Title: ASUS Control Center Express 01.06.15 - Unquoted Service Path
Privilege Escalation
# Date: 2024-04-02
# Exploit Author: Alaa Kachouh
# Vendor Homepage:
https://www.asus.com/campaign/ASUS-Control-Center-Express/global/
# Version: Up to 01.06.15
# Tested on: Windows
# CVE: CVE-2024-27673

===================================================================
ASUS Control Center Express Version =< 01.06.15 contains an unquoted
service path which allows attackers to escalate privileges to the system
level.
Assuming attackers have write access to C:\, the attackers can abuse the
Asus service "Apro console service"/apro_console.exe which upon restarting
will invoke C:\Program.exe with SYSTEM privileges.

The binary path of the service alone isn't susceptible, but upon its
initiation, it will execute C:\program.exe as SYSTEM.

Service Name: AProConsoleService
binary impacted: apro_console.exe

# If a malicious payload is inserted into C:\  and service is executed in
any way, this can grant privileged access to the system and perform
malicious activities.

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK