all InfoSec news
Microsoft Azure Site Recovery DLL hijacking
July 12, 2022, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
privilege escalation from any low privileged user to SYSTEM on hosts where this service was installed.
Incorrect permissions on the cxprocessserver service's executable directory allowed new files to be
created in it by any user. Since the service ran automatically and with SYSTEM privileges and attempted
to load DLLs from the directory, this allowed for a DLL hijacking / planting attack.
azure azure site recovery dll dll hijacking hijacking microsoft microsoft azure recovery
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
GraphNinja
6 days, 18 hours ago |
www.cloudvulndb.org
AWS Amplify IAM role publicly assumable exposure
2 weeks, 6 days ago |
www.cloudvulndb.org
AWS Glue database password leakage
3 weeks, 3 days ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
2 months, 3 weeks ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
2 months, 4 weeks ago |
www.cloudvulndb.org
Azure Pipelines Agent poisoned pipeline execution
4 months, 2 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
Information Assurance Security Specialist (IASS)
@ OBXtek Inc. | United States
Cyber Security Technology Analyst
@ Airbus | Bengaluru (Airbus)
Vice President, Cyber Operations Engineer
@ BlackRock | LO9-London - Drapers Gardens
Cryptography Software Developer
@ Intel | USA - AZ - Chandler
Lead Consultant, Geology
@ WSP | Richmond, VA, United States
BISO Cybersecurity Director
@ ABM Industries | Alpharetta, GA, United States