all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

VU#287122: Parsec Remote Desktop App is prone to a local elevation of privilege due to a logical flaw in its code integrity verification process

Add to bookmarks
Aug. 16, 2023, 4:18 p.m. |

CERT Recently Published Vulnerability Notes kb.cert.org

Overview


Parsec updater for Windows was prone to a local privilege escalation vulnerability, this vulnerability allowed a local user with Parsec access to gain NT_AUTHORITY/SYSTEM privileges.


Description


The vulnerability is a time-of-check time–of-use (TOCTOU) vulnerability. There existed a small window between verifying the signature and integrity of the update DLL and the execution of DLL main.


By exploiting this race condition, a local attacker could swap out the officially signed Parsec DLL with a DLL that they created, which would …

access app check code desktop elevation of privilege escalation flaw integrity local local privilege escalation privilege privilege escalation privileges process remote desktop system system privileges toctou verification vulnerability windows

Visit resource

More from kb.cert.org / CERT Recently Published Vulnerability Notes

VU#163057: BMC software fails to validate IPMI session. 2 weeks, 4 days ago | kb.cert.org
abuse access attacker baseboard management controller +17
VU#238194: R Programming Language implementations are vulnerable to arbitrary code execution during deserialization of .rds … 2 weeks, 5 days ago | kb.cert.org
arbitrary code arbitrary code execution attacker can +15
VU#253266: Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models 1 month ago | kb.cert.org
application arbitrary code attacker attackers +14
VU#123335: Multiple Programming Languages Fail to Escape Arguments Properly in Microsoft Windows 1 month, 1 week ago | kb.cert.org
arbitrary code attackers cases code +15
VU#155143: Linux kernel on Intel systems is susceptible to Spectre v2 attacks 1 month, 1 week ago | kb.cert.org
architectures attacker attacks bhi +20
VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks 1 month, 2 weeks ago | kb.cert.org
attacks can dos fragments +6
VU#417980: UDP-based, application-layer protocol implementations are vulnerable to network loops 1 month, 4 weeks ago | kb.cert.org
abuse application applications attacker +18
VU#488902: CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions 2 months ago | kb.cert.org
architectures attacker can conditions +13
VU#949046: Sceiner firmware locks and associated devices are vulnerable to encryption downgrade and arbitrary file … 2 months, 1 week ago | kb.cert.org
app attacks bluetooth called +11

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France
View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom
View on infosec-jobs.com