all InfoSec news
VU#287122: Parsec Remote Desktop App is prone to a local elevation of privilege due to a logical flaw in its code integrity verification process
CERT Recently Published Vulnerability Notes kb.cert.org
Overview
Parsec updater for Windows was prone to a local privilege escalation vulnerability, this vulnerability allowed a local user with Parsec access to gain NT_AUTHORITY/SYSTEM privileges.
Description
The vulnerability is a time-of-check time–of-use (TOCTOU) vulnerability. There existed a small window between verifying the signature and integrity of the update DLL and the execution of DLL main.
By exploiting this race condition, a local attacker could swap out the officially signed Parsec DLL with a DLL that they created, which would …
access app check code desktop elevation of privilege escalation flaw integrity local local privilege escalation privilege privilege escalation privileges process remote desktop system system privileges toctou verification vulnerability windows