Bartender 2019
Monthly
Unauthenticated remote code execution in Seagull Software BarTender 2010, 2016 (<=R9), and 2019 (<=R10) is reachable over TCP/7375 through the BtSystem.Service.exe .NET Remoting endpoint, which runs as NT AUTHORITY\SYSTEM. The exposed singleton uses BinaryServerFormatterSinkProvider with TypeFilterLevel=Full, allowing attackers to abuse deserialization-style object unmarshalling to read/write arbitrary files, coerce NTLMv2 authentication via UNC paths, or pivot to full code execution. No public exploit identified at time of analysis, but the VulnCheck advisory documents the attack primitives in detail.
Unauthenticated remote code execution in Seagull Software BarTender 2010, 2016 (<=R9), and 2019 (<=R10) is reachable over TCP/7375 through the BtSystem.Service.exe .NET Remoting endpoint, which runs as NT AUTHORITY\SYSTEM. The exposed singleton uses BinaryServerFormatterSinkProvider with TypeFilterLevel=Full, allowing attackers to abuse deserialization-style object unmarshalling to read/write arbitrary files, coerce NTLMv2 authentication via UNC paths, or pivot to full code execution. No public exploit identified at time of analysis, but the VulnCheck advisory documents the attack primitives in detail.