A privilege escalation vulnerability was identified in the Huawei HiSuite software which can be used by a local user to elevate privileges to become the SYSTEM user. The root cause of the problem are insecure ACLs on the HandSet service directory which allows any authenticated user to place a crafted DLL file in that directory to perform a DLL hijacking attack. Versions 4.0.3.301 and below are affected.
6c6581b85754886f7bf71324c9215879a17f5cce30ef4b37096ab2d6b6d81ffaSamsung's SW Update versions 2.2.7.22 and below suffer from having insecure ACLs on its directory allowing any authenticated user to escalate their privileges.
4fd7871ec675d6f7a6b4d066d734cda6f750bb081f8734269b785590c3ec329e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed