SynopsisA web application on the remote host has a privilege escalation vulnerability.
DescriptionThe version of LiveUpdate Administrator running on the remote host is earlier than 2.3.2. Such versions have a privilege escalation vulnerability due to insecure file permissions set by a default installation.
The webapps directory allows write access to the Everyone group.
A local, unprivileged attacker could exploit this by creating or modifying files that will be executed as SYSTEM, resulting in privilege escalation.
SolutionUpgrade to LiveUpdate Administrator 2.3.2 or later.