RSS   Vulnerabilities for 'Kiosk engine'   RSS



Spb Kiosk Engine allows local users to bypass restrictions on allowed applications via (1) removable media containing a program that will execute because of the autorun setting and (2) applications that are able to invoke other applications, as demonstrated by a file: URL specifying a .exe file.



Spb Kiosk Engine stores the administrator's passcode in the registry in plaintext, which allows local users to obtain the passcode.


Copyright 2018,


Back to Top