vendor:
a:matrix42:remote_control_host:3.20.0031
by:
HIGH
and then restarting the service or the machine
CVSS
Remote.exe will start with SYSTEM privileges."
Unquoted Path Privilege Escalation
Roland C. Redl
CWE
Product Name: a:matrix42:remote_control_host:3.20.0031
Affected Version From: To fix the vulnerability manually, open regedit, browse to HKLM\SYSTEM\CurrentControlSet\services and add quotes to the ImagePath value of the relevant service.
Affected Version To: NO
Patch Exists: 428
Related CWE: 2016
CPE: 3.20.0031
Metasploit:
Windows 7 Enterprise SP1 x64
Other Scripts:
https://www.exploit-db.com/raw/39908
Platforms Tested: Matrix42
N/A
Matrix42 Remote Control Host – Unquoted Path Privilege Escalation
The unquoted path vulnerability in Matrix42 Remote Control Host allows an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. By copying notepad.exe to "C:Program Files (x86)Matrix42" and renaming it to ""Remote.exe""
