Description
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path.
References (2)
Core 2
Core References
Product x_refsource_misc
https://www.adaware.com/
Exploit, Third Party Advisory x_refsource_misc
https://r0h1rr1m.medium.com/adaware-protect-local-privilege-escalation-through-insecure-service-permissions-44d0eeb6c933
Scores
CVSS v3
7.8
EPSS
0.0003
EPSS Percentile
8.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (1)
adaware/protect
1.2.439.4251
Published
Jun 16, 2022
Tracked Since
Feb 18, 2026