all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

MSI Installer Vulnerability Let Attackers Escalate Privileges with Windows Systems

Add to bookmarks
July 4, 2024, 3:37 a.m. | Guru Baran

Cyber Security News cybersecuritynews.com

A critical local privilege escalation vulnerability has been discovered in MSI Center versions 2.0.36.0 and earlier, allowing low-privileged users to escalate their privileges on Windows systems. This security flaw, tracked as CVE-2024-37726, stems from insecure file operations performed by the MSI Center application running with NT AUTHORITY\SYSTEM privileges. "Is Your System Under Attack? Try Cynet […]


The post MSI Installer Vulnerability Let Attackers Escalate Privileges with Windows Systems appeared first on Cyber Security News.

application attackers authority center critical cve cve-2024 cyber security escalation file flaw insecure installer local local privilege escalation low msi operations privilege privileged privilege escalation privileges running security security flaw system system privileges systems vulnerability windows

Visit resource

More from cybersecuritynews.com / Cyber Security News

Japan Sets New Internet Speed Record of 402 Tb/s Via Optical Fiber 7 hours ago | cybersecuritynews.com
capabilities cyber security data fiber +13
PoC Exploit Released for HTTP File Server Remote Code Execution Vulnerability 1 day, 9 hours ago | cybersecuritynews.com
code code execution commands concept +24
Hackers Weaponizing ScreenConnect Remote Access Client to Deliver AsyncRAT 2 days ago | cybersecuritynews.com
access asyncrat campaign client +19
Teamviewer Discloses Investigation Update Following Cyber Attack 2 days, 1 hour ago | cybersecuritynews.com
attack breach connectivity corporate +22
Team ARXU Hackers Aggressively Attacking Schools And Bank Servers 2 days, 1 hour ago | cybersecuritynews.com
bank banks can cyber-attack +29
Hackers Using ProxyLogon & ProxyShell To Attack Microsoft Exchange Servers 2 days, 2 hours ago | cybersecuritynews.com
attack can communication cyber-attack +19
Logsign Unified SecOps RCE Vulnerabilities Let Attackers Gain Control of the System 2 days, 6 hours ago | cybersecuritynews.com
attackers can code code execution +24
Beware of Open-Source Neptune Stealer Delivered Via GitHub 2 days, 6 hours ago | cybersecuritynews.com
analysts code cyber security cybersecurity +20
New SnailLoad Side-Channel Attack Let Hackers Monitor Your Web Activity 2 days, 10 hours ago | cybersecuritynews.com
attack attacks can channel +25

Jobs in InfoSec / Cybersecurity

Find Talent

Technology Risk & Controls Manager

@ LegalAndGeneral | London, United Kingdom
View on infosec-jobs.com

Solutions Architect - Prisma Cloud

@ Palo Alto Networks | Munich, Germany
View on infosec-jobs.com

Security Operations Engineer

@ Cognite | Oslo
View on infosec-jobs.com

Ingénieur Cybersécurité PKI

@ Alter Solutions | PARIS, France
View on infosec-jobs.com

Cyber Security Project Engineer

@ Dezign Concepts LLC | Chantilly, VA
View on infosec-jobs.com

Cloud Cybersecurity Incident Response Lead

@ Maveris | Martinsburg, West Virginia, United States
View on infosec-jobs.com