VU#287122: Parsec Remote Desktop App is prone to a local elevation of privilege due to a logical flaw in its code integrity verification process

Opsfolio Community
August 16, 2023, 1 month ago
28

Overview Parsec updater for Windows was prone to a local privilege escalation vulnerability, this vulnerability allowed a local user with Parsec access to gain NT_AUTHORITY/SYSTEM privileges. Description The vulnerability is a time-of-check time–of-use (TOCTOU) vulnerability. There existed a small window between verifying the signature and integrity of the update DLL and the execution of DLL main. By exploiting this race condition, a local attacker could swap out the officially signed Parsec DLL with a DLL that they created, which would...

Source: https://kb.cert.org/vuls/id/287122

VU#287122: Parsec Remote Desktop App is prone to a local elevation of privilege due to a logical flaw in its code integrity verification process

VU#287122: Parsec Remote Desktop App is prone to a local elevation of privilege due to a logical flaw in its code integrity verification process

Subscribe To Our Newsletter!

Popular Posts

What A Cybersecurity Degree Teach You About Protecting Businesses Against Threats

Steps to creating a healthcare app

Cybersecurity Tips For Freelance Healthcare Workers

How to Create a Secure Healthcare Website?

How to keep your child safe from infections when you are not at home?

POPULAR Media

Ransomware Payouts Are On The Rise

Defense Against Socially Engineered Attacks

Address Ransomware With Multiple Layered Security

Hitrust – Streamlining the Compliance Process