CVE-2023-53949

HIGH

AspEmail 5.6.0.2 - Privilege Escalation

Title source: llm

Description

AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access.

Exploits (1)

exploitdb WORKING POC
by Zer0FauLT · textlocalwindows
https://www.exploit-db.com/exploits/51380

References (3)

Scores

CVSS v3 8.4
EPSS 0.0002
EPSS Percentile 6.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-732
Status published
Products (1)
Aspemail/AspEmail < 5.6.0.2
Published Dec 19, 2025
Tracked Since Feb 18, 2026