In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be able to replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocaAdmin are denied the ability to logon locally by security policy so that this can only occur if the system has already been compromised.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2023-01-10T02:44:38.047Z
Updated: 2024-08-02T04:54:32.561Z
Reserved: 2022-12-16T03:12:52.291Z
Link: CVE-2023-0012
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-01-10T03:15:10.067
Modified: 2024-11-21T07:36:23.477
Link: CVE-2023-0012
Redhat
No data.