ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation vulnerability due to insecure permission. An attacker can overwrite an executable that is launched as a service to exploit this vulnerability and execute arbitrary code with system privileges.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Altools | Estsoft | * | 18.1 (including) |