Sign In
Advisories

TDM Digital Signage PC Player 4.1.0.4 Privilege Escalation via Insecure Permissions

Go Back
severity
high
date
Affecting

  • TDM Digital Signage PC Player 4.1.0.4

CWE
  • CWE-732 Incorrect Permission Assignment for Critical Resource
CVSS
8.5
CVSS V4 Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Credit
LiquidWorm as Gjoko Krstic of Zero Science Lab
Description
TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system access.