CVE-2018-25359
HighSummary
Splinterware System Scheduler Pro version 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious executable that executes with LocalSystem privileges when the service is triggered.
Risk Assessment
This vulnerability poses a serious risk to organizations as it allows attackers to gain higher privileges, potentially leading to system takeover. It enables the execution of malicious code with full system privileges.
Recommendation
It is recommended to immediately update Splinterware System Scheduler Pro to the latest version to mitigate this vulnerability. Additionally, review and adjust file permissions in the installation directory to restrict modification by low-privilege users.
Original NVD description (English source)
Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious executable that executes with LocalSystem privileges when the service is triggered.

