Avacast
Monthly
Unquoted service path vulnerability in AVACAST by eMPIA Technology enables local privilege escalation from high-privileged user to SYSTEM. Attackers with administrative access can plant malicious executables in unquoted paths, achieving arbitrary code execution with system-level privileges upon service restart. Taiwan CERT (TWCERT) published advisories confirming the vulnerability. No public exploit code identified at time of analysis, and exploitation requires existing administrative privileges, limiting practical risk to environments where privileged user compromise is a concern.
Local privilege escalation in eMPIA Technology AVACAST allows authenticated local users to execute arbitrary code with SYSTEM privileges by placing a malicious DLL in a specific directory exploited during application startup. This DLL hijacking vulnerability (CWE-427) requires low-complexity exploitation with no user interaction once local access is obtained. Taiwan's TWCERT issued advisories on this vulnerability, indicating regional awareness though no CISA KEV listing or public exploit code has been identified at time of analysis.
Unquoted service path vulnerability in AVACAST by eMPIA Technology enables local privilege escalation from high-privileged user to SYSTEM. Attackers with administrative access can plant malicious executables in unquoted paths, achieving arbitrary code execution with system-level privileges upon service restart. Taiwan CERT (TWCERT) published advisories confirming the vulnerability. No public exploit code identified at time of analysis, and exploitation requires existing administrative privileges, limiting practical risk to environments where privileged user compromise is a concern.
Local privilege escalation in eMPIA Technology AVACAST allows authenticated local users to execute arbitrary code with SYSTEM privileges by placing a malicious DLL in a specific directory exploited during application startup. This DLL hijacking vulnerability (CWE-427) requires low-complexity exploitation with no user interaction once local access is obtained. Taiwan's TWCERT issued advisories on this vulnerability, indicating regional awareness though no CISA KEV listing or public exploit code has been identified at time of analysis.