09-14-2023, 09:25 PM
N-Able's Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escal
A high-severity security flaw has been disclosed in N-Able's Take Control Agent that could be exploited by a local unprivileged attacker to gain SYSTEM privileges.
Tracked as CVE-2023-27470 (CVSS score: 8.8), the issue relates to a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability, which, when successfully exploited, could be leveraged to delete arbitrary files on a Windows
https://thehackernews.com/2023/09/n-able...agent.html
A high-severity security flaw has been disclosed in N-Able's Take Control Agent that could be exploited by a local unprivileged attacker to gain SYSTEM privileges.
Tracked as CVE-2023-27470 (CVSS score: 8.8), the issue relates to a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability, which, when successfully exploited, could be leveraged to delete arbitrary files on a Windows
https://thehackernews.com/2023/09/n-able...agent.html