Powerattendant Standard Edition
Monthly
DLL hijacking in OMRON PowerAttendant Standard Edition UPS management software allows local attackers with low privileges to escalate to SYSTEM by planting malicious libraries in the installation directory, which are loaded during service startup. The attack requires high complexity (vulnerable directory permissions must exist) but achieves scope change with full system compromise. No public exploit identified at time of analysis, though the DLL hijacking technique (CWE-427) is well-documented a
DLL hijacking in OMRON PowerAttendant Standard Edition UPS management software allows local attackers with low privileges to escalate to SYSTEM by planting malicious libraries in the installation directory, which are loaded during service startup. The attack requires high complexity (vulnerable directory permissions must exist) but achieves scope change with full system compromise. No public exploit identified at time of analysis, though the DLL hijacking technique (CWE-427) is well-documented a