QQBrowser before 10.5.3870.400 installs a Windows service TsService.exe. This file is writable by anyone belonging to the NT AUTHORITY\Authenticated Users group, which includes all local and remote users. This can be abused by local attackers to escalate privileges to NT AUTHORITY\SYSTEM by writing a malicious executable to the location of TsService.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-09T12:38:40
Updated: 2024-08-04T11:06:09.537Z
Reserved: 2020-03-13T00:00:00
Link: CVE-2020-10551
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-04-09T13:15:12.560
Modified: 2024-11-21T04:55:33.927
Link: CVE-2020-10551
Redhat
No data.