ManageEngine OpManager 12.3 Privilege Escalation
Posted by deepcore on January 23, 2019 – 10:44 am
ManageEngine OpManager version 12.3 suffers from a weak permissions issue in which an attacker can replace the service binary with a binary of his choice. This service runs as Localsystem thus allowing for a privilege escalation vector.
Post a reply
You must be logged in to post a comment.