admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-08 11:36:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2020/CVE-2020-10551.md

22 lines
965 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2020-10551](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10551)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
QQBrowser before 10.5.3870.400 installs a Windows service TsService.exe. This file is writable by anyone belonging to the NT AUTHORITY\Authenticated Users group, which includes all local and remote users. This can be abused by local attackers to escalate privileges to NT AUTHORITY\SYSTEM by writing a malicious executable to the location of TsService.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/mbiel92/Hugo-MB
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/seqred-s-a/CVE-2020-10551
- https://github.com/soosmile/POC
Reference in New Issue Copy Permalink