A vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a low-privileged user can gain a SYSTEM level command prompt by pre-staging a file structure prior to the installation of a trusted service executable and change permissions on that file structure during a repair operation.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Airmedia | Crestron | 4.3.1.39 (including) | 4.3.1.39 (including) |