RSS   Vulnerabilities for 'System scheduler'   RSS

2021-07-06
 
CVE-2021-31771

CWE-269
 

 
Splinterware System Scheduler Professional version 5.30 is subject to insecure folders permissions issue impacting where the service 'WindowsScheduler' calls its executable. This allow a non-privileged user to execute arbitrary code with elevated privileges (system level privileges as "nt authority\system") since the service runs as Local System.

 


Copyright 2024, cxsecurity.com

 

Back to Top