CVE-2019-15742

HIGH

Poly Plantronics Hub <3.14 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2019-15742. PoCs published by Metasploit, Markus Krell, bcoles, including Metasploit module exploits/windows/local/plantronics_hub_spokesupdateservice_privesc.

AI-analyzed exploit summary This Metasploit module exploits a privilege escalation vulnerability in Plantronics Hub's SpokesUpdateService by writing a malicious executable path to a writable configuration file, which is then executed as SYSTEM.

Description

A local privilege-escalation vulnerability exists in the Poly Plantronics Hub before 3.14 for Windows client application. A local attacker can exploit this issue to gain elevated privileges.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/47944

View Code ZIP pw:eip

This Metasploit module exploits a privilege escalation vulnerability in Plantronics Hub's SpokesUpdateService by writing a malicious executable path to a writable configuration file, which is then executed as SYSTEM.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Plantronics Hub version 3.13.2

No auth needed

Prerequisites: Plantronics Hub installed · SpokesUpdateService running · Write access to MajorUpgrade.config

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by Markus Krell, bcoles · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/plantronics_hub_spokesupdateservice_privesc.rb

View Code ZIP pw:eip

This Metasploit module exploits a privilege escalation vulnerability in Plantronics Hub's SpokesUpdateService by writing a malicious executable path to the writable MajorUpgrade.config file, which is executed as SYSTEM. The exploit generates a payload, writes it to a temporary directory, and modifies the configuration file to trigger execution.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Plantronics Hub version 3.13.2

No auth needed

Prerequisites: Plantronics Hub installed · SpokesUpdateService running · Write access to MajorUpgrade.config

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1059.001 - PowerShell

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/155952/Plantronics-Hub-SpokesUpdateService-Privilege-Escalation.html

Scores

CVSS v3 7.8

EPSS 0.0876

EPSS Percentile 92.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

plantronics/plantronics_hub < 3.14

Published Jan 17, 2020

Tracked Since Feb 18, 2026